2021-06-24
My Book Network-Attached Storage Devices are Being Remotely Wiped
Users of Western Digital My Book network-attached storage (NAS) devices have been reporting that their devices received a remote factory reset command and that their files have been deleted. Western digital is urging users to disconnect their devices from the Internet while the issue is investigated.
Editor's Note
I will say it yet again: DO NOT EXPOSE NETWORK ATTACHED STORAGE TO THE INTERNET. This is not just a problem with Western Digital. All of these devices have had numerous vulnerabilities. These devices are marketed for simple Internet file sharing, but their rich history of vulnerabilities shows how they should never be used for anything other than internal file sharing.

Johannes Ullrich
Unfortunately, users almost certainly connected these devices directly to the Internet. But we can't blame users for this. They paid a premium for hardware that promised to provide a service. Western Digital suspended the program in 2015, leaving users who wanted to continue to use the devices as advertised with little choice but to expose the devices. Users unwittingly gravitated to the availability leg of the CIA triad (probably without even realizing said triad exists).

Jake Williams
“Remote factory reset command” – what could possibly go wrong? Network-Attached Storage devices should be on a network segment that is not visible to the Internet.
