Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

Unpatched Vulnerability Leads to Remote Factory Resets in Western Digital My Book NAS Devices

Unpatched Vulnerability Leads to Remote Factory Resets in Western Digital My Book NAS Devices

Imagine going to log into one of your devices only to find that it has been completely wiped of any files located on it. Furthermore, imagine trying to log into your online account to manage the settings of said device, only to find that the password you know is correct is being identified as incorrect. This is the experience that many users of Western Digital’s My Book NAS device are currently going through, and it’s suspected that it is all because of an unpatched vulnerability.

The device in question, the Western Digital My Book, is a network-attached storage device that gives users the ability to remotely access files and manage devices. This is notable, as they can do so even if the NAS device is secured with a firewall or router. Bleeping Computer reports that some users are unable to log into their NAS devices, the reason being an “Invalid Password.” Since the devices appeared to be factory reset, some users tried the default login credentials but had no luck accessing their devices or recovering their files.

After some investigation, users discovered that the devices received a remote command to perform factory resets. Bleeping Computer reports that this attack is an odd one in terms of remote command attacks, mostly because the device in question is secured behind a firewall and communicates exclusively through the My Book Live cloud servers to issue remote access. Therefore, it makes sense for some users to assume that Western Digital’s servers were hacked, although they do mention that it is strange that the attack deleted files rather than issuing ransoms, such as with other threats like ransomware which are designed to steal data or encrypt files.

Although Western Digital is investigating the attack, Bleeping Computer does detail a statement issued by the company, stating the following:

  • “If you own a WD My Book Live NAS device, Western Digital strongly recommends that you disconnect the device from the Internet. ‘At this time, we recommend you disconnect your My Book Live and My Book Live Duo from the Internet to protect your data on the device,’ Western Digital said in an advisory.”

These WD My Book Live devices have not received updates since 2015, so it’s unsurprising that a vulnerability surfaced. Still, this situation should be a reminder that it is beneficial to consider upgrading from unsupported devices to those that are actively receiving patches and security updates. That said, failing to administer patches and security updates as they are released is just as bad as using unsupported devices, so the responsibility falls on your shoulders to make sure that you are using technology that isn’t putting your organization at risk.

Need a Hand with Upgrading?

Total Tech Care can help your organization take care of any updates to its technology infrastructure. Especially in today’s age of massive security breaches and considerable cyberthreats, it has never been more important to make sure that your network is protected in every conceivable way. To learn more about what we can do for your business, reach out to us at 866-348-2602.

 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 25 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Google Business Network Security Microsoft Internet Email Malware Backup Workplace Tips Innovation Data User Tips Computer Mobile Devices Hardware IT Services Disaster Recovery Android VoIP communications Business Continuity Smartphones Communication IT Support Smartphone Miscellaneous Mobile Device Small Business Network Browser Collaboration Productivity Quick Tips Cybersecurity Business Management Users Managed IT Services Upgrade Windows Phishing Data Backup Outsourced IT Ransomware Windows 10 Data Recovery Office Server Save Money Cloud Computing Windows 10 Passwords Gadgets Social Media Saving Money Holiday Tech Term Chrome Virtualization Automation Managed Service Microsoft Office Managed IT Services Artificial Intelligence Cybercrime Operating System Computers Facebook BYOD Wi-Fi Mobile Device Management Health Networking IT Support Hacking Internet of Things Information Technology Alert Information Remote Managed Service Provider Spam Office 365 Telephone Systems Covid-19 Recovery Employer-Employee Relationship Bandwidth Social Engineering Mobility Router BDR Data Breach Application Human Resources Password Money Encryption Big Data Remote Monitoring Applications App Law Enforcement History Mobile Computing Blockchain Paperless Office VPN Managed IT Apps Remote Computing How To Mobile Office Government Data Storage Patch Management Office Tips Training Private Cloud IT solutions Entertainment Gmail Website Budget Servers Settings Bring Your Own Device Data Management Work/Life Balance Two-factor Authentication Infrastructure Data Security Voice over Internet Protocol Mouse HaaS Google Drive Flexibility Avoiding Downtime Marketing Vulnerability Wireless Windows 7 WiFi Word Lithium-ion battery RMM Save Time Telephone System Staff Software as a Service USB Machine Learning Vendor Management Connectivity Firewall Remote Work Cleaning Virtual Reality Apple End of Support Social Education Physical Security Safety User Error Sports Meetings HIPAA Redundancy Data Protection Vendor Keyboard Managed Services Display Risk Management Hacker Conferencing Scam The Internet of Things Employee/Employer Relationship Virtual Assistant Wireless Technology SharePoint Solid State Drive Printer IT Management How to Downtime Authentication Bluetooth Computing Botnet IT Plan Data storage Customer Service Environment Automobile Unsupported Software Update IT Consultant Fax Server Charger Digital Signage Computing Infrastructure Going Green Google Docs Humor SaaS Compliance Identity Theft Computer Care OneNote Current Events Procurement Battery Telephony Shadow IT Samsung Workplace Strategy Network Congestion Net Neutrality Legal Augmented Reality eWaste Help Desk Fraud Internet Exlporer Value Printing Remote Worker Spam Blocking Electronic Medical Records PDF Cryptocurrency Wearable Technology Managed Services Provider Retail Hard Drives Hiring/Firing Proactive IT Instant Messaging Database Virus Excel Comparison Robot Remote Workers Unified Threat Management Best Practice YouTube CES Biometrics Computer Accessories Black Market Virtual Desktop Processor Business Technology Content Management Business Intelligence Access Control DDoS Hard Drive Document Management Audit Worker Public Computer Copiers 5G Regulations Virtual Private Network Distributed Denial of Service Transportation Quick Tip Workforce Customer Relationship Management Ergonomics Cables Analyitcs Smartwatch Files Computer Fan Rootkit Chromecast Development Programming OLED Printer Server Virtual Machine Project Management Workers Nanotechnology Benefits PCI DSS Telecommuting 2FA Cortana Fiber Optics Employee Colocation FENG Uninterrupted Power Supply IBM Digital Signature Antivirus Messaging Cabling Hypervisor Windows 8 Flash Warranty Monitor Smart Technology Policy Dark mode Google Apps IT service Trend Micro HVAC Software Tips Supercomputer Analysis SMS Default App Saving Time Tablet Sync Administrator Reputation Emails Devices Streaming Media Procedure dark theme Domains Shopping Content Google Search Enterprise Content Management Tech Support Techology MSP Laptop Accountants AI IT Infrastructure Bing Microchip Customers Netflix Thought Leadership IaaS Two Factor Authentication FinTech Credit Cards Maintenance Password Manager Social Network Bloatware Audiobook Consultant Root Cause Analysis Password Management Analytics HBO Touchpad Knowledge Music Multi-Factor Security Investment Employee/Employer Relationships Tablets Skype Search Engine Twitter Employees Windows 365 Business Mangement Entrepreneur Politics Best Available ISP Advertising Data loss NIST Outlook Leadership Smart Tech Troubleshooting Video Conferencing Trending WIndows 7 ROI Bitcoin Start Menu Shortcuts Addiction Notifications Sales Amazon Shortcut Loyalty Point of Sale Recycling Personal Cost Management Cryptomining Screen Mirroring Frequently Asked Questions Wiring Practices Books Supply Chain Management Social Networking Batteries Mobile Relocation Windows 10s Cache Monitoring Amazon Web Services Safe Mode Windows 8.1 Criminal Digitize Cast Video Games PowerPoint Tip of the week GDPR Windows Media Player webinar Hosted Computing Running Cable Emergency User Windows Server 2008 R2 Online Shopping Memory Worker Commute Professional Services Public Cloud Wireless Internet Employer Employee Relationship Customer relationships File Sharing Assessment Email Best Practices IT Assessment Experience Manufacturing Scalability Windows Server 2008 Camera Inventory Specifications Managing Stress Evernote Managed IT Service Business Owner Tools Security Cameras Wire Computer Tips NarrowBand Television Virtual CIO OneDrive Travel Biometric Security Cameras Science Search Printers Peripheral Millennials Wireless Charging Using Data iPhone Smart Office Digital Security Cameras

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code