QNAP has extended support and will keep issuing security updates for some end-of-life (EOL) network-attached storage (NAS) devices until October 2022.
This should provide customers with unsupported devices to upgrade and have their data protected from evolving security threats, the company said in a statement. “EOL models may lack computational capabilities, be short on operational memory, be unable to receive up-to-date component drivers, or possess other technical constraints or deprecated technology,” QNAP said. Customers should not expose EOL NAS devices to the Internet to ensure that attackers will not compromise them using exploits targeting unpatched vulnerabilities, QNAP said.
These advisories are being given in the backdrop of DeadBolt and Qlocker ransomware cyber attacks. These attacks were targetted at Internet-exposed NAS devices. The attacks started on January the 25th 2022 and has spread like wildfire. Since then it has encrypted over 4,300 QNAP NAS devices, where they demand 0.03 bitcoins, worth approximately $1,100, for a decryption key.
“Due to these reasons, QNAP normally maintains security updates for 4 years after a product passes its EOL date. As a special effort to help users protect their devices from today’s security threats, QNAP has extended security updates for some EOL models till October 2022.”
The company added that, while the support date has been moved until October, these EOL devices will only receive security updates addressing high severity and critical vulnerabilities. The spate of ransomware in the cyber landscape of the world and the way it has been impacting the digital world and beyond, has made it a crime, which is dreaded by one and all.
“What all ransomware can attack and in which manner, keeps opening newer and newer ways with every passing incident and week under review.” Sanjay Sahai, formerly with the Indian Police Service and now Founder & Director, TechConPro.
The attempt to get NAS (Network Attached Storage) devices off the internet raises a larger question.
“Security cannot be full proof is what we have always accepted and now the same story is unfolding in the cyber security world. It has been seen in recent times that ransomware attacks can be tied to anything including political protests,” pointed out Sahai.
The Colonial Pipelines and JBS ransomware attacks and the booty these hackers made is known to the whole world. DeadBolt very conspicuously demonstrated how the threat actors can earn a lot of money, while targeting only consumers and small businesses, noted Sahai.
Given the small demand and not interested in getting into the hassle of finding other ways to decrypt data or find a workaround, they did what the hackers wanted. They paid the ransom. Unfortunately, this made the attack very successful. This is a modus operandi they are likely to repeat in the near future, points out Sahai.
Though this attack hogged the limelight, there were other ransomware attacks as well in the week gone by. There was a Conti attack on Apple and Tesla contractor Delta. Besides, this there was also an attack on Belarusian Railway in protest of Russia using Belarusian Railway’s rail transport network to move military units and equipment into the country.
There has also been an increase in attempts by these gangs to recruit insiders, which makes the operations relatively easy.