Synology is urging all users to take immediate action in protecting their data against ransomware attacks.
In a recent press statement, the company found that several users had their admin credentials stolen by brute-force login attempts. Subsequently, these attackers would encrypt the user’s data making it inaccessible.
We urge all Synology users to take immediate action to protect their NAS from the ransomware attack. Users’ data security is always our priority. For those who are not using Synology NAS, we still recommend you take corresponding actions to protect your precious data.Hewitt Lee, Director of Product Management at Synology Inc.
Investigations suggest that the cause of these attacks were due to dictionary attacks and Synology has assured users that it is not related to any system security vulnerabilities. This large-scale attack was targeted at various NAS models from different vendors. Therefore, it is still recommended that users check their network and account settings to protect their data from ransomware.
Synology users can utilise the built-in network and account management settings to enhance system security level, preventing malicious attacks from the Internet.
Secure your NAS now
Here’s a checklist that Synology has provided for its users:
- Use a complex and strong password, and Apply password strength rules to all users.
- Create a new account in the administrator group and disable the system default “admin” account.
- Enable Auto Block in Control Panel to block IP addresses with too many failed login attempts.
- Run Security Advisor to make sure there is no weak password in the system.
To ensure the security of the Synology NAS, the company strongly recommend that users enable Firewall in the Control Panel and only allow public ports for services when necessary. The use of 2-step verification will also help to prevent any unauthorized login attempts. Users may also want to enable Snapshot to keep their NAS immune to encryption-based ransomware.
To learn more about ransomware attacks, please visit: https://www.synology.com/solution/ransomware.