Expert Comments On QSnatch Malware Infecting QNAP NAS Devices

Trafficon, the Finnish Transport and Communciation agency & National Cybersecurity Center is reporting that new malware known as QSnatch is infecting Network Attached Storage devices.

 

Experts Comments

November 04, 2019
Bob Noel
VP of Strategic Partnerships
Plixer
Although the mechanisms by which QNAP spreads are unclear at this time, the fact that it steals usernames and passwords for all NAS users is very concerning. Any organization that has fallen victim to this infection must proactively begin to look for credential misuse. Bad actors who have stolen valid credentials will use them to try an gain access to other resources. As a best practice, network traffic analysis (NTA) should be implemented within the organization. NTA can baseline normal.....Read More
Although the mechanisms by which QNAP spreads are unclear at this time, the fact that it steals usernames and passwords for all NAS users is very concerning. Any organization that has fallen victim to this infection must proactively begin to look for credential misuse. Bad actors who have stolen valid credentials will use them to try an gain access to other resources. As a best practice, network traffic analysis (NTA) should be implemented within the organization. NTA can baseline normal credential use, then by applying security algorithms, can identify when bad actors are trying to move laterally and gain a foothold on other resources.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.