How to remove Synology NAS Ransomware from your system

Transcription

How to remove Synology NAS Ransomware from your system
How to remove Synology NAS Ransomware
from your system?
Guide to Protect Synology NAS Against Ransomware Attack
New cyber-security report sheds light on the current Ransomware attack
resurgence on Synology NAS (Network Attached Storage) systems.
Understanding Synology?
Synology is a Taiwan headquartered storage vendor that specializes in Network
Attached Storage (NAS) appliances. NAS is a computer data storage server that
provides data access to heterogeneous group of clients.
This renowned Corporation was founded in January 2000 & distributes products
worldwide.
Synology Ransomware
Recent research revealed that Synology owners discovered that all the files in
their NAS systems were encrypted. Hence, users of Synology NAS were warned to
strengthen the passwords to their Network attached storage.
Threat Behaviour
Investigations revealed that the attackers breached Synology NAS’s login interface
via brute force or so called dictionary attacks and stole admin’s credentials. Once
the guessed password matched with the default password, the attackers gained
access to the NAS device and encrypted all the files on their NAS system. These
cyber criminals demanded 0.06 Bitcoin, now worth $583 to restore the encrypted
data.
It is believed that attackers leveraged botnet address to hide the real source IP.
Similar attacks in the recent past
Cyber criminals have been targeting internet facing NAS devices using similar
methods from a variety of other vendors. For instance, attack on Taiwanese
vendor QNAP’s NAS grabbed the headlines lately. Ransomware known as
eCh0raix targeted QNAP NASes that had weak passwords or old operating
systems. These infringements remind us to take security of our NAS devices
rather seriously.
How to protect Synology NAS from Ransomware Attack ?
It is believed that there is no tool available to decrypt the encrypted files. Hence,
victims are advised to stay vigilant of this nasty trap as there is no way they can
get the data back unless they have its backup.
To enhance system security, Synology users are recommended to leverage
account management settings & built-in network.
1. Update Disk Station Manager (DSM): DSM is an intuitive web-based
operating system for every Synology NAS, designed to help you manage
your digital assets across home and office.
Periodically, Synology releases free DSM updates. Updates may include
function improvements, new features, performance enhancements, critical
bug fixes and security patches for system stability. Hence, upgrading DSM
ensures data security.
2. Strong Passwords: Synology has a feature that allows its users to enforce
strong passwords. Using complex passwords prevents dictionary attacks to
a great extent. To ensure system security you can:
• Enable Auto Block in Control Panel to block IP addresses with too
many failed login attempts.
• Run Security Advisor to ensure there is no weak password in the
system.
3. Enable two-step verification: Enabling two-step verification prevents users
from internet based attack as the probability to surpass it is almost
negligible.
4. Disable the system default "admin" account: Users are recommended to
create a new account in administrator group and disable the system default
"admin" account to prevent network breach.
5. Backup: It is vital that you make offsite backups of the data to protect your
data from network threats, unexpected hardware failure, and natural
disasters. Moreover, you are advised to give read only access to your
backup folders to avoid any discrepancies.
Ransomware attack has become a growing threat to small offices & home users
that are deprived of sophisticated defence systems. Internet based attacks in
particular have grabbed the news headlines lately. The responsibility of putting an
end to malware infections lies in the hands of users. Cautious attitude can save
them from a huge loss. After all for every cyber-attack, there is a human cost.
Resource Link : https://www.virusremovalguidelines.com/ransomware/how-toremove-synology-nas-ransomware-from-your-system