Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Unpatched Vulnerability Leads to Remote Factory Resets in Western Digital My Book NAS Devices

Unpatched Vulnerability Leads to Remote Factory Resets in Western Digital My Book NAS Devices

Imagine going to log into one of your devices only to find that it has been completely wiped of any files located on it. Furthermore, imagine trying to log into your online account to manage the settings of said device, only to find that the password you know is correct is being identified as incorrect. This is the experience that many users of Western Digital’s My Book NAS device are currently going through, and it’s suspected that it is all because of an unpatched vulnerability.

The device in question, the Western Digital My Book, is a network-attached storage device that gives users the ability to remotely access files and manage devices. This is notable, as they can do so even if the NAS device is secured with a firewall or router. Bleeping Computer reports that some users are unable to log into their NAS devices, the reason being an “Invalid Password.” Since the devices appeared to be factory reset, some users tried the default login credentials but had no luck accessing their devices or recovering their files.

After some investigation, users discovered that the devices received a remote command to perform factory resets. Bleeping Computer reports that this attack is an odd one in terms of remote command attacks, mostly because the device in question is secured behind a firewall and communicates exclusively through the My Book Live cloud servers to issue remote access. Therefore, it makes sense for some users to assume that Western Digital’s servers were hacked, although they do mention that it is strange that the attack deleted files rather than issuing ransoms, such as with other threats like ransomware which are designed to steal data or encrypt files.

Although Western Digital is investigating the attack, Bleeping Computer does detail a statement issued by the company, stating the following:

  • “If you own a WD My Book Live NAS device, Western Digital strongly recommends that you disconnect the device from the Internet. ‘At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device,’ Western Digital said in an advisory.”

These WD My Book Live devices have not received updates since 2015, so it’s unsurprising that a vulnerability surfaced. Still, this situation should be a reminder that it is beneficial to consider upgrading from unsupported devices to those that are actively receiving patches and security updates. That said, failing to administer patches and security updates as they are released is just as bad as using unsupported devices, so the responsibility falls on your shoulders to make sure that you are using technology that isn’t putting your organization at risk.

Need a Hand with Upgrading?

Total Tech Care can help your organization take care of any updates to its technology infrastructure. Especially in today’s age of massive security breaches and considerable cyberthreats, it has never been more important to make sure that your network is protected in every conceivable way. To learn more about what we can do for your business, reach out to us at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 02 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Network Security Business Google Internet Microsoft Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices IT Services Hardware Disaster Recovery Android VoIP communications IT Support Business Continuity Smartphones Communication Miscellaneous Smartphone Mobile Device Browser Small Business Network Collaboration Productivity Quick Tips Cybersecurity Users Business Management Phishing Windows Managed IT Services Upgrade Outsourced IT Ransomware Data Backup Windows 10 Save Money Cloud Computing Data Recovery Office Server Passwords Windows 10 Tech Term Chrome Virtualization Gadgets Saving Money Holiday Social Media Microsoft Office Managed IT Services Automation Managed Service Operating System Cybercrime Computers Artificial Intelligence Facebook Hacking Health Internet of Things Wi-Fi BYOD Mobile Device Management Networking IT Support Managed Service Provider Remote Spam Alert Office 365 Telephone Systems Covid-19 Information Information Technology Employer-Employee Relationship Recovery Social Engineering Router Mobility BDR Bandwidth Big Data Human Resources Law Enforcement Remote Monitoring Mobile Computing Data Breach Application Password Money App History Encryption Applications How To Government Remote Computing Private Cloud Data Storage Mobile Office Patch Management Managed IT Blockchain Apps Paperless Office Office Tips Training VPN Voice over Internet Protocol Settings Two-factor Authentication Avoiding Downtime Flexibility Mouse Marketing HaaS Vulnerability WiFi Windows 7 IT solutions Entertainment Word Website Bring Your Own Device Data Management Budget Work/Life Balance Servers Wireless Data Security Gmail Google Drive Infrastructure HIPAA Sports Redundancy Keyboard Firewall Virtual Reality Apple Data Protection Social Conferencing Save Time User Error Meetings Scam Cleaning Vendor USB Risk Management Managed Services Telephone System Hacker Staff Software as a Service Display Vendor Management Machine Learning End of Support The Internet of Things Connectivity Remote Work Lithium-ion battery Physical Security Education Employee/Employer Relationship Safety RMM Samsung Customer Service PDF Computing Environment Value Fax Server Augmented Reality Proactive IT Fraud Best Practice Spam Blocking Electronic Medical Records Remote Worker YouTube Digital Signage SaaS Virus Black Market Cryptocurrency Hiring/Firing Unified Threat Management Network Congestion Computer Accessories Procurement eWaste Document Management Workplace Strategy Solid State Drive Wireless Technology Comparison Net Neutrality How to Downtime CES Help Desk Printing Business Intelligence Data storage Printer Automobile Business Technology Content Management Audit Wearable Technology Bluetooth Worker Retail Hard Drives Access Control IT Management Managed Services Provider Instant Messaging Robot Virtual Assistant Excel Computing Infrastructure Botnet Authentication Going Green Database IT Plan Biometrics Virtual Desktop Remote Workers IT Consultant Unsupported Software Processor Battery Charger Humor Shadow IT Update DDoS Legal Hard Drive SharePoint Compliance Computer Care Internet Exlporer Google Docs OneNote Current Events Identity Theft Telephony MSP Ergonomics Accountants Smartwatch Root Cause Analysis HBO Knowledge Microchip Best Available Music Thought Leadership Development Credit Cards OLED Relocation Password Manager Virtual Machine Skype Antivirus WIndows 7 Password Management PCI DSS 2FA Windows 8 Fiber Optics Multi-Factor Security Employee Data loss Outlook Leadership IT service Search Engine Troubleshooting Video Games Twitter Messaging Cabling NIST Policy Business Mangement Hypervisor Start Menu Worker Commute Loyalty Experience Dark mode Tablet Smart Tech Trend Micro Trending Screen Mirroring Amazon Default App Frequently Asked Questions Domains Books Scalability Addiction SMS Procedure PowerPoint Recycling Saving Time Windows Media Player Mobile Windows 10s User Business Owner Maintenance Wiring dark theme Practices Shopping NarrowBand Google Search Cast IaaS Amazon Web Services IT Infrastructure Tip of the week webinar Emergency Bloatware Search Cache AI Safe Mode FinTech iPhone Criminal Professional Services Bing Public Cloud Managing Stress Employer Employee Relationship Assessment GDPR Tablets Hosted Computing Social Network Online Shopping Investment Windows Server 2008 Entrepreneur Wireless Internet Cameras File Sharing Employees Files Employee/Employer Relationships Tools Television Shortcut Camera Windows 365 Inventory Chromecast Specifications ISP Evernote ROI Cost Management Wire Video Conferencing Social Networking Sales Colocation Bitcoin Uninterrupted Power Supply Travel Shortcuts Public Computer Printers Point of Sale Personal Millennials Cryptomining Monitor Wireless Charging Regulations Transportation Smart Office Supply Chain Management Printer Server Monitoring Batteries Computer Fan Running Cable Rootkit Virtual Private Network Windows 8.1 Memory Digitize Workforce Reputation Cables Windows Server 2008 R2 Streaming Media Workers Benefits Content Customer relationships Tech Support FENG IBM Project Management Email Best Practices Techology Nanotechnology IT Assessment Laptop Telecommuting Manufacturing Customers Cortana Flash Smart Technology Audiobook Computer Tips Science Digital Signature Managed IT Service Security Cameras Software Tips Supercomputer Warranty Virtual CIO OneDrive Touchpad Biometric Security Google Apps Sync Emails HVAC Peripheral Customer Relationship Management Politics Digital Security Cameras Advertising Analysis Using Data Distributed Denial of Service Administrator Consultant Analyitcs Devices Copiers 5G Notifications Netflix Two Factor Authentication Programming Enterprise Content Management Quick Tip Analytics

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code