Does your business use QNAP NAS storage devices?

If so, be aware that the company recently issued an advisory, stating that an unknown group of hackers has begun targeting them specifically with ransomware attacks.

NOTE - 3 recent blogs on QNAP issues: Sept 12, 2020, Sept 30, 2019, and Aug 2, 2019

The advisory reads   

"QNAP Product Security Incident Response Team (PSIRT) has found evidence that the ransomware may attack earlier versions of Photo Station. We are thoroughly investigating the case and will release more information as soon as possible."

If you're not familiar with it, Photo Station is an app that allows users to upload photos to their NAS device and then view them remotely. Unfortunately, even if you don't use the app, hackers can still exploit it, and the fact that it's not something you use regularly (or at all) means that it might not be on your radar of things to keep up to date.

The good news is that an update is available. Although since the app is built into the device, it's not a typical software update, but rather, an update to the firmware.

To save yourself from potential attack, follow these steps

  • Log onto QTS as an Administrator
  • Go to Control Panel, then System, and finally to Firmware Update
  • You'll see an option labeled "Live Update" and in that tab, a button marked "Check for Update"

Just click that button and the system will do the rest.

If you don't want to do it that way, you can update your firmware manually by going to Support and Download Center from the company's website, selecting the file to install based on the specific device you have.

Finally, to update all the apps on your QNAP devices, simply log on as an Administrator, go to your App Center, select "My Apps" and install all updates.

Our perspective

Again, this is something you may not even use, but the fact that it exists on the devices you rely on gives hackers an in, whether you're actively using it or not. Be sure to update right away, just to be safe.

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there! " ~


By Denis Wilson and Melissa Stockwell

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI'm Denis Wilson, President and Principal Consultant for DWP Information Architects. We build people/process/technology solutions to create better business outcomes for smaller enterprises in Los Angeles. We have created cost-effective office productivity and out-sourced service solutions for over 20 years, focusing principally on manufacturing, professional services, and healthcare.  Our hallmarks are cloud and on-premises network reliability, cost-effective cybersecurity, and livable small business regulatory compliance.

I am also a published author and speaker, working extensively with business and professional associations to provide small business technology education programs. Contact me if you would like me to speak at your association

Used with permission from Article Aggregator