Hackers Delete Home Backups Remotely (WD My Book Live Flaw)

2 minute read | Last updated 25-Jun-2021 |IoT, Security

Some WD My Book Live users had a shock this week as hackers remotely wiped their data.

There is a remote code execution vulnerability (a/k/a the attack can run programs on your device) in these out of support devices.

What does this mean for your backup? Learn more in this short…

Transcript

Some users of Western Digital’s “My Book Live” devices got a shock this week as their data was remotely deleted by a malicious actor.

[00:00:07] Now, these devices are older and they’re out of active support from the company’s point of view.

When you buy storage for your home network, though, it’s usually for the long-term. You connect it and forget about it until you need the data.

[00:00:17] And that’s a really good user backup experience. But as these devices are no longer supported by the manufacturer, they actually become more of a risk to you.

That lack of support leaves this remote command execution vulnerability open forever.

The reality is that you haven’t bought a backup drive.

[00:00:32] You bought a complete server with all the maintenance and operational support that that implies…which is a lot.

Backups are critical.

They protect you against ransomware, hardware failure, and simple mistakes.

[00:00:42] Make sure that your system is current, fully supported for the long term.

And please test it regularly.

References

• WD’s support article for the issue
• “I’m totally screwed.” WD My Book Live users wake up to find their data deleted by Dan Goodin for Ars Technica
• The Verge with, Unplug your WD My Book Live, or you might find your drive’s data wiped