QNAP warns: a large number of brute force attacks have been detected recently

Network-attached storage (NAS) manufacturer QNAP recently issued a security warning:

Recently QNAP has received multiple user reports of hackers attempting to log in to QNAP devices using brute-force attacks – where hackers would try every possible password combination of a QNAP device user account. If a simple, weak, or predictable password is used (such as “password” or “12345”) hackers can easily gain access to the device, breaching security, privacy, and confidentiality.

In a brute-force attack, the attacker tries to log in using a password dictionary and lists of common weak passwords. A user who happens to have a weak password is easily compromised.

Of course, even an uncommon weak password is not safe enough, because a brute-force attack may enumerate millions of password combinations in order to break in.

Users therefore need not only to use strong passwords but also to disable the default administrator account, which greatly improves server security and reduces the probability of being hacked.

The QNAP server operating system, QTS, uses admin as the default administrator account, and most users do not change this account after purchasing the device.

This means an attacker only needs to target this known account and keep brute-forcing its password, and continuous brute-force attempts also increase the load on the server.

QNAP stated that it strongly recommends that users modify the default administrator account. Disabling the default administrator account and using other user names can greatly improve security.

In addition, accessing a QNAP server over the public network is not safe. If users do not need public network access, it is best to restrict the device's public network connections.
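
The following Python example, added here and not taken from QNAP, flags source addresses that produce a burst of failed logins and records whether the default admin account was targeted and whether a login later succeeded from the same source. The log format, sample lines, threshold and window are constructed assumptions, not the real QTS log layout.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical format (not the real QTS log layout):
# "<ISO timestamp> <source IP> <username> <OK|FAIL>"
SAMPLE_LOG = """\
2020-10-01T03:00:01 203.0.113.7 admin FAIL
2020-10-01T03:00:02 203.0.113.7 admin FAIL
2020-10-01T03:00:04 203.0.113.7 admin FAIL
2020-10-01T03:00:05 203.0.113.7 admin FAIL
2020-10-01T03:00:07 203.0.113.7 admin FAIL
2020-10-01T03:00:09 203.0.113.7 admin FAIL
2020-10-01T03:00:11 203.0.113.7 admin OK
2020-10-01T08:15:00 198.51.100.20 alice FAIL
2020-10-01T08:15:20 198.51.100.20 alice OK
"""

DEFAULT_ACCOUNTS = {"admin"}  # default QTS administrator name, per the article


def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Flag source IPs with >= threshold failed logins inside a sliding window."""
    recent = defaultdict(deque)  # ip -> (timestamp, username) of recent failures
    alerts = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip blank or malformed lines
        ts, ip, user = datetime.fromisoformat(fields[0]), fields[1], fields[2]
        if fields[3] == "OK":
            # A success from an already-flagged source suggests a guessed password.
            if ip in alerts:
                alerts[ip]["guessed"].add(user)
            continue
        failures = recent[ip]
        failures.append((ts, user))
        while ts - failures[0][0] > window:  # drop failures older than the window
            failures.popleft()
        if len(failures) >= threshold:
            alert = alerts.setdefault(
                ip, {"peak": 0, "default_account": False, "guessed": set()})
            alert["peak"] = max(alert["peak"], len(failures))
            alert["default_account"] |= any(u in DEFAULT_ACCOUNTS for _, u in failures)
    return alerts


if __name__ == "__main__":
    for ip, alert in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, alert)
```

A single mistyped password followed by a successful login, as in the second source above, stays below the threshold and raises no alert.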