Unplug Your WD MyBook Now

Category

Vulnerabilities

Risk Level

Risk Level 4.png
 

If you use a WD MyBook Live or MyBook Live Duo, you should go unplug it now. Hackers are wiping all of the data on them, and you may lose years of files and irreplaceable pictures.

“Wait so what’s happening?”

If your computer has filled up, you may have purchased an external hard drive to store your data. You may also be using an external hard drive to backup your computer, like with Time Machine on Mac or Backup on Windows.

There are many companies who sell external hard drives - one of the most popular is Western Digital, or WD for short. WD previously sold an external hard drive called the “MyBook Live” and “MyBook Live Duo” that you could plug in an ethernet cord and access the external drive, and you data, from outside your home. This may be useful if you’re trying to pull up pictures to show your grandparents, or access a file while on the go.

“Ok but how are hackers wiping the data?”

We say this time and time again about the world of IT: just because something works doesn’t mean it works securely. This is absolutely the case as WD actually made the software that powers the MyBook Live and MyBook Live Duo end-of-life back in 2015.

We’ve talked about this concept before, but the general idea is that at a certain point companies will stop developing a product and releasing any updates that can prevent cybersecurity issues. A good example of this is Windows 7, where Microsoft has stopped any work on the decade old operating system in favor of using its resources to develop new operating systems, like Windows 11.

With WD having stopped all work on the software that powers the MyBook Live and MyBook Live Duo, cybersecurity researchers were able to identify a way to access the external hard drives back in 2018, which meant it was only a matter of time until hackers took advantage of it, and are they ever. They’re logging into the devices from elsewhere in the world and erasing all of the data for no reason other than “fun,” but don’t be surprised if they start using ransomware to start holding the data hostage soon. So even though the external hard drives are still working, they absolutely have not been working securely for the past three years.

“So what do I do?”

First, if you own one of these external hard drives, disconnect it from the internet right away. You may be able to use it as only a “local” external drive moving forward (i.e. connected via USB), but since this is a “smart” drive with extra software on it, you may still be at risk.

From here you have two options:

  1. Buy a new “dumb” external hard drive - one that can only be accessed when you’re at home - and then transfer your data over from your MyBook Live or MyBook Live Duo. This helps keep your data protected from the outside world, but remember to keep the computer it’s connected to updated!

  2. If you need remote access to your data, buy a newer external hard drive that is still supported, and transfer your data over from your MyBook Live or MyBook Live Duo. Just be aware that in a few years, the company may make it end-of-life and you’ll need to upgrade again to keep you and your data protected.

“Anything else I should know?”

Yes! Keep your IT devices updated, including your computers, TV’s, and smart devices. If they are no longer receiving updates, stop using them, or make sure they are no longer connected to the internet.

Your organization likely suffers from vulnerabilities it may not even know about. Our Vulnerability Assessment can quickly identify end-of-life hardware and software that may be putting your team at risk. Contact us today for a free meeting and keep hackers out of your business.

 

Follow us - stay ahead.


Read more of the ACT

Previous
Previous

Yes, People Are Really Still Using These Versions of Windows…

Next
Next

Don’t Let Ransomware Corrupt Your Data Completely