Western Digital Asks 'My Book Live' Device Owners to Unplug After Reports of Remotely Wiped Drives

[BikerTX]

Hard lessons learned:
1. Never expose NAS to WAN or any remote access cloud service.
2. Need 3-2-1 backup strategy.
3. Replace EOL devices/software.

Even though I did not fall victim to recent QNAP QTS Qlocker ransomware since I don't expose my NAS devices to a WAN, I got fed up with constant QTS security patches for hardcoded credentials and vulnerabilities, and installed TrueNAS CORE on my QNAP TS-453A and TS-253A. Works better and faster than QTS!

View attachment 1797657

I'm going to do some research but hoping to get some feedback from you folks who seem to know what the heck your talking about.

There's probably a multitude solutions that would great for regular home users and I'd love for some people to lay out some things in layman's terms. Products, steps, processes, etc...
I've built computers can fix and repair many problems with computers but unfortunately have not gotten as knowledgeable on backup's and redundancy, etc..

There are probably other people like me who just got blindsided, my WD drives are not connected and I backup periodically so will definitely kill all internet access to connect them again. Drives I assume could already have malicious software in them possibly.

Any helpful advice would be appreciated, layman's terms please for me and others.

I apologize in advance for not being knowledgeable on the lingo and the technical aspects, I've wasted most of my brain power in the oil & gas and insurance industries and just would greatly appreciate some help or direction.

 

[cmaier]

2nd backup? Not even. From the looks of it, some of them had zero backups. The files on this drive were their only copy.

Drives are super cheap. Backup is super easy - especially on mac. You just literally plug it in. There's no excuse.

Drives cost 50% more per MB than a year ago. Stupid supply chains.

 

[rui no onna]

Drives cost 50% more per MB than a year ago. Stupid supply chains.

Blame cryptomining (Chia). Back in March, I got a couple of Seagate Exos 16TB for $320. Now, they cost double.

 

[cgsnipinva]

If indeed one's only backup is on a drive like that, which can be accessed (and modified) remotely, then it's asking for trouble...
Why would you need constant access to your backup anyways? I can understand a different use case, if it's a media storage, for photos, documents etc., then it makes sense to expose it, but as your backup drive?

Some people use these devices in lieu of using web based cloud services. The idea is they can access their files from one source at home or away and the files are all on a server that they control. They are not used only as back-ups. Now in the manuals that come with these they do recommend doing back-ups of your data to another drive. I have the MyCloud series which is not impacted by this -and it has USB ports that allow me to back up the NAS onto a USB drive that I keep in a safe.

Reading the articles on this - some people didn't lock these down on the settings as they should have as well.

 

[cmaier]

Blame cryptomining (Chia). Back in March, I got a couple of Seagate Exos 16TB for $320. Now, they cost double.

I have two 12-bay Synology NAS’s - a month ago I had several drives go out. I previously bought WD elements 12TB drives for shucking at $209 - now they cost $309. And 8tb barracudas were $120-ish, and now are rarely available even at $160. It’s wild.

 

[elvisimprsntr]

I'm going to do some research but hoping to get some feedback from you folks who seem to know what the heck your talking about.

There's probably a multitude solutions that would great for regular home users and I'd love for some people to lay out some things in layman's terms. Products, steps, processes, etc...
I've built computers can fix and repair many problems with computers but unfortunately have not gotten as knowledgeable on backup's and redundancy, etc..

There are probably other people like me who just got blindsided, my WD drives are not connected and I backup periodically so will definitely kill all internet access to connect them again. Drives I assume could already have malicious software in them possibly.

Any helpful advice would be appreciated, layman's terms please for me and others.

I apologize in advance for not being knowledgeable on the lingo and the technical aspects, I've wasted most of my brain power in the oil & gas and insurance industries and just would greatly appreciate some help or direction.

This might not be the best forum for IT support, but glad to help. The first question to ask yourself is, do I need remote access to my NAS or any other IT appliance on my home network?

If the answer is no, then
1. Make sure router/gateway firmware is up to date.
2. Disable UPnP in your router and appliances, and reboot.
3. Disable any manual port forwards in your router.
4. Disable any NAS remote access cloud access services provided by the manufacturer.

If the answer is yes, then some details about your IT kit will help guide a recommendation.
1. Type of service (home broadband, dsl, LTE, etc.)
2. Static or dynamic IP address. If you don’t know, it’s likely dynamic.
3. Firewall/router manufacturer and model and is it ISP provided or customer owned.
4. Is it running stock OEM or open source firmware.
5. Do you have access to the web interface of the firewall/router to make changes.

Regardless, 3-2-1 backup strategy is
3 copies of data
2 different types of media
1 off site backup

 

[Hemingray]

How are we in 2021 and still people don't understand the 3-2-1 backup strategy? Apparently their data wasn't that important to them.

My backup strategy:
- All computers in the house are backed up to a local NAS and Backblaze.
- NAS is RAID1, and is backed up to a local USB drive, which in turn is also backed up by Backblaze.
- NAS is periodically backed up to a separate USB drive which is kept offsite in a Faraday enclosure.

Overkill? Absolutely. But the chances of me losing my data are such that if I do, we have much, MUCH bigger issues.

 

[panjandrum]

Unfortunately a lot of users see external drives marketed as some form of 'Backup' and don't realize that they are just as prone (even more prone, given the heat most un-fanned external cases develop) to failure as internal storage. Therefore it's very likely that a lot of users put critical data on these drives, and because they are 'backup' devices think that they won't fail, or, in this case get remotely wiped! I see this mentality all the time "oh, you mean I need to backup all my backup drives?" except that they aren't using the backups drives as backups - they are using them as primary storage because they ran out of space internally. I think we are going to see a lot of users lose precious data; especially photo and movie collections, because of this remote vulnerability. Should they have had it internet connected in the first place? No way; that's just begging for trouble like this. Should they have had backups of their external storage? Yep. But ultimately blame an industry that pushes unsafe technologies on unsuspecting users and markets products inappropriately with misleading language. If the word 'backup' wasn't continually used for external drives a lot fewer people would have lost their important data. It remains a word that far too many people don't properly understand and industry should acknowledge this rather than exploit it.

 

[Tech198]

Remote and local folks.....always

backups..,..even multiple drives.. local, not just one you'll scream at when allyour data is lost forever.