Western Digital’s Woes Continue as Researchers Find Vulnerabilities In Newer Products – Review Geek
Just one week after software program vulnerabilities left WD My Book Live customers with hacked and formatted storage drives, a newly found exploit is threatening Western Digital’s My Cloud units. This exploit, which permits hackers to hold out instructions or brick My Cloud NAS models, impacts all merchandise operating the Cloud OS 3 software program, of which there are numerous.
Researchers Radek Domanski and Pedro Ribeiro found that they may remotely entry a My Cloud 3 gadget by pumping it with modified firmware. This isn’t a really tough activity—sure, Cloud OS 3 units require login credentials to carry out a firmware replace, however Domanski and Ribeiro discovered that some WD NAS units comprise a hidden person that isn’t protected by a password.
Now, it’s value mentioning that WD’s Cloud OS 3 is an outdated working system. Most folks utilizing Western Digital NAS models have the choice to replace to Cloud OS 5, which defends in opposition to a number of “classes of attacks,” in line with Western Digital.
Western Digital advises all of its clients to replace to the Cloud OS 5 working system, as it ought to. But many refuse to improve as a result of Cloud OS 5 is missing features which might be obtainable in Cloud OS 3, together with the flexibility to handle information throughout completely different NAS units.
Customers could have purchased their My Cloud NAS unit for options which might be lacking in Cloud OS 5, so you may’t blame them for refusing to improve. On the opposite hand, you can blame Western Digital for not sending out safety patches for Cloud OS 3. Not solely do some clients favor the older OS, however units just like the MyCloud EX2 and EX4 can’t replace to the newer Cloud OS 5.
If you personal a NAS gadget operating Cloud OS 3, you must most likely chunk the bullet, improve to the brand new OS, and create an additional backup in your information simply in case one thing unhealthy occurs. Western Digital clearly can’t be trusted to take gadget safety severely, and hackers are possible trying to find new methods to achieve management over Western Digital NAS models.