[Year 12 SofDev] NAS dictionary attack

[Bass, Gary S]

Apparently the Bad Guys have turned their attention to NAS devices.


Synology has warned that it "recently found that several users were under a ransomware attack, where admins' credentials were stolen by brute-force login attacks, and their data was encrypted as a result. We investigated and found that the causes of these attacks were due to dictionary attacks instead of specific system vulnerabilities. This large-scale attack was targeted at various NAS models from different vendors; therefore we strongly recommend users check network and account settings to protect data from ransomware." [My emphasis]


The company urges NAS owners to take the following steps (or their equivalent for other vendors' products):


Use a complex and strong password, and?Apply password strength rules?to all users.
Create a new account in administrator group and disable the system default "admin" account.
Enable?Auto Block?in?Control Panel?to block IP addresses with too many failed login attempts.
Run?Security Advisor?to make sure there is no weak password in the system.
Sent from an iPad PRO
IMPORTANT - This email and any attachments may be confidential. If received in error, please contact us and delete all copies. Before opening or using attachments check them for viruses and defects. Regardless of any loss, damage or consequence, whether caused by the negligence of the sender or not, resulting directly or indirectly from the use of any attached files our liability is limited to resupplying any affected attachments. Any representations or opinions expressed are those of the individual sender, and not necessarily those of the Department of Education and Training.