No fewer than 70 percent of internet-connected Seagate NAS hard drives have been compromised by a single malware program. That’s a pretty startling figure. Security vendor Sophos says the bitcoin-mining malware Miner-C is the culprit.

I’m surprised this story hasn’t garnered more attention. Perhaps it’s because we’re talking only 7,000 hard drives possibly in total, or perhaps it’s because the mainstream media doesn’t understand what NAS means. Either way, it has colossal implications. Apparently, storage admins:

  • Aren’t very diligent about scanning for malware
  • Fail to change default NAS passwords
  • Allow direct connections to their huge network storage arrays without another authentication requirement
  • Put their companies at risk of attack by malicious intruders

More to the point, this attack means that over the last 13 years we’ve learned nothing. We are no more prepared for a bad malware outbreak than before. We’re lucky that Miner-C program is only a bitcoin miner. It’s bad. It’s unethical. It’s illegal. But it’s not intentionally killing data and bringing down businesses.

To read this article in full or to leave a comment, please click here

Source: Security