Recently appeared ransomware attacks and Synology announced
it has managed to overcome it.
This attack attempts to steal user admin credentials through
brute-force attacks to login access that result in the encryption of user data
on some brands of NAS (Network Attached Storage).
This attack briefly made C&C's server down on 22 July,
before it could finally be addressed thanks to collaborative handling efforts
with international cybersecurity organizations.
Not alone, Synology cooperates with the Taiwan Computer
Emergency Response Team/Coordination Center (TWCERT/CC) in handling the case.
Reflecting on this experience, Synology and TWCERT/CC
encourage all NAS users to strengthen security system settings to keep their
data safe.
Although the current situation is already in control,
Synology recommends all NAS users (whatever the brand is), to strengthen their
data security system through some of the following:
Activate the firewall and connect only to the Internet when
necessary.
Set up 2-step verification to prevent unauthorized sign-in
attempts.
Deactivate the "admin" account on the default
system.
Use a strong password, and apply this rule to all users.
Enable the auto-block feature in the Control Panel to block
IP addresses that are experiencing multiple failures during login.
Run the Synology Security Advisor to ensure there are no
weak passwords in the system.
Perform a multi-version backup using Synology Hyper Backup,
backing up data on your NAS to multiple storage locations, such as in-place
storage, remote folders, and public clouds.
Hopefully, the above steps are able to prevent ransomware
attacks on your system. And, hopefully more brands follow Synology's footsteps
to form a product security team and interact actively with cybersecurity
organizations.
Tidak ada komentar:
Posting Komentar