Synology vulnerability

Some users have apparently been reporting that their Synology NAS’s have been hacked into, and taken over for ransom. This is similar to the cryptolocker virus that had been making rounds recently and is very nasty. Some people have been reporting it in the Synology forums, but as of now, there is no patch for the Synology software. In the meantime there are a couple of things you can do to help prevent this from happening. First, pick really good, secure passwords, in fact, I’d take a look at the XKCD comic that may be useful when picking a strong password. Secondly, don’t connect yours directly to the internet. That means if you are connecting one from home, put it behind your router, which usually have a basic firewall set up. If you have any port forwarding set up, I’d disable that too until we hear from Synology. As always, if you have data on your Synology that you consider irreplaceable, make sure that you have it backed up too. I’d recommend using the built in Amazon S3 client. It’s cheap and fairly easy to set up, and should help you in case of a disaster. 

Link to discussion on Hacker News:

https://news.ycombinator.com/item?id=8128521

Leave a Reply

Your email address will not be published. Required fields are marked *