QNAP: Get NAS Devices Off the Internet Now

There are active ransomware and brute-force attacks being launched against internet-exposed, network-attached storage devices, the device maker warned.

Get your internet-exposed, network-attached storage (NAS) devices off the internet now, Taiwanese manufacturer QNAP warns: Ransomware and brute-force attacks are widely targeting all network devices.

“The most vulnerable victims will be those devices exposed to the Internet without any protection,” QNAP said on Friday, urging all QNAP NAS users to follow security-setting instructions that the Taiwanese NAS maker included in its alert.

First off, to check whether your NAS is exposed to the internet, QNAP instructed device owners to open the device’s Security Counselor: a built-in security portal that integrates anti-virus and anti-malware software.

“Your NAS is exposed to the Internet and at high risk if there shows ‘The System Administration service can be directly accessible from an external IP address via the following protocols: HTTP’ on the dashboard.” —QNAP

High-risk Security Counselor setting. Source: QNAP.

QNAP directed customers to this site to figure out which router ports are exposed to the internet.

Fending Off Attacks Against Exposed NAS Devices

If your NAS device turns out

Read More: https://threatpost.com/qnap-nas-devices-ransomware-attacks/177452/