Network-attached storage devices have more security holes than routers

Network-attached storage (NAS) devices are reportedly more vulnerable compared to home routers, a new security report has revealed.

According to security mettle-detectors Independent Security Evaluators, of the overall devices analysed from ten manufacturers, almost all of them were found to be vulnerable.

Independent Security Evaluators security analyst Jacob Holcomb told PCWorld: "There wasn’t one device that I literally couldn’t take over.

"At least 50 percent of them can be exploited without authentication."

During the experiments, Holcomb evaluated devices including Asustor’s AS-602T, TRENDnet’s TN-200 and TN-200T1, QNAP’s TS-870, Seagate’s BlackArmor 1BW5A3-570, Netgear’s ReadyNAS104, D-LINK’s DNS-345, Lenovo’s IX4-300D, Buffalo’s TeraStation 5600, Western Digital’s MyCloud EX4 and ZyXEL’s NSA325 v2.

To date, the security organisation MITRE has allotted 22 Common Vulnerabilities and Exposures (CVE) for the issues.

Further, hackers can more likely access router from internet than a NAS system, and by hacking these storage devices, hackers would also be able to take over traffic from other devices on the same network using techniques such as ARP spoofing.

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing