Data storage device leaks ATM blueprints

Featured eBooks
Future-Ready Workforce
Read Now

Health Tech

Read Now

AI Applications

Read Now
Insights & Reports
A Mapping Guide for the NIST CSF 2.0
Presented By Forescout Technologies
Download Now
4 steps to successful data governance programs for government
Presented By Carahsoft
Download Now

By

Financial Services

Some so-called network-attached storage drives, used for backing up files on a network, are automatically configured to allow anyone online access.

The “easy share” feature is supposed to make collaboration with other users more convenient. “Although it appears to be a little too convenient: miscreants aware of the ‘share everything’ design flaw are scanning the public internet for vulnerable models, and grabbing sensitive stuff,’” the Register reports.

The product publishes to a public IP address and provides a search function through which anyone connecting to the device using a web browser is able to search the contents of the device.

In the case of the cash machine blueprint breach, a contractor using a company laptop backed up work to a NAS box, which exposed its contents to the Internet – “all thanks to its factory settings,” according to the Register.

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.

Original Report:
www.theregister.co.uk/2014/05/13/nas_security_risk

NEXT STORY: New NIST Guidance: Don't Make Security an Afterthought