Synology® Urges All Users to Take Immediate Action to Protect Data from Ransomware Attack
Protect your organization against ransomware
As ransomware attacks cost organizations more than $1 billion in 2023 alone, more than double the previous year,1 data protection plans with fast restoration options are crucial for mitigating the impact of ransomware and other forms of cybercrime.
In January 31st 2025, Tata Technologies discovered ransomware incident; investigation ongoing: Report. A ransomware incident affected some IT services at Tata Technologies, but client delivery services were not compromised, according to a company filing. for more details check The Hindu
Synology® recently found that several users were under a ransomware attack, where admins’ credentials were stolen by brute-force login attacks, and their data was encrypted as a result. Synology investigated and found that the causes of these attacks were due to dictionary attacks instead of specific system vulnerabilities. This large-scale attack was targeted at various NAS models from different vendors; therefore, Synology strongly recommends users check their network and account settings to protect data from ransomware.
"We believe this is an organized attack. After an intensive investigation into this matter, we found that the attacker used botnet addresses to hide the real source IP," said Ken Lee, Manager of Security Incident Response Team at Synology Inc. "After collecting admin account passwords with brute-force attacks, the attack was launched on July 19 and caught users off guard. We therefore informed TWCERT/CC and CERT/CC immediately of this matter in hopes of accelerating the collaborative efforts to resolve this incident."
Since this attack is not related to system security vulnerabilities, it is recommended that Synology users utilize built-in network and account management settings to enhance system security level, preventing malicious attacks from the Internet.
"We urge all Synology users to take immediate action to protect their NAS from the ransomware attack," said Hewitt Lee, Director of Product Management at Synology Inc. "Users’ data security is always our priority. For those who are not using Synology NAS, we still recommend you take corresponding actions to protect your precious data."
Please make sure you go through the checklist below:
• Use a complex and strong password, and Apply password strength rules to all users.
• Create a new account in administrator group and disable the system default "admin" account.
• Enable Auto Block in Control Panel to block IP addresses with too many failed login attempts.
• Run Security Advisor to make sure there is no weak password in the system.
To ensure the security of your Synology NAS, we strongly recommend you enable Firewall in Control Panel and only allow public ports for services when necessary. You may also want to enable Snapshot to keep your NAS immune to encryption-based ransomware.
Synology Unveils Solutions to Combat Ransomware Threats
The event, along with the launch of the new advanced data management and security solutions against the rising ransomware threats in India also focused on addressing the evolving landscape of data management and security trends
Synology, a global leader in data management and security solutions, today unveiled their new solutions and products aimed at addressing the growing challenge posed by ransomware attacks in a press briefing in New Delhi on Wednesday.
The event, along with the launch of the new advanced data management and security solutions against the rising ransomware threats in India also focused on addressing the evolving landscape of data management and security trends, particularly in the context of the Indian market.
Graph I. Russell Chen, Country Manager of Synology SAARC region
With the enactment of the Digital Personal Data Protection Act (DPDPA) continuing to shape data management practices for businesses in India, Synology shed light on the challenges faced by small and medium-sized enterprises (SMEs) in adhering to stricter data governance requirements. These include data breach notification protocols, data subject rights management, and the appointment of Data Protection Officers (DPOs) in certain cases.
In addition to addressing compliance challenges related to stricter DPDPA requirements, the event also focused on pressing cybersecurity concerns. These included recent data breaches such as the Polycab and AIIMS incidents, in which it took AIIMS more than 2 weeks to fully recover the data and operations, ransomware attacks targeting Indian businesses, and cloud security risks associated with data residency and provider trustworthiness.
A live session was also conducted demonstrating Synology’s exclusive backup solutions from the Active Backup Suite and Snapshot Replication. This showcase highlighted practical approaches, including prevention of malicious access, backup solutions addressing accidental deletion and ransomware threats, and streamlined data recovery processes. The emphasis was on the importance of a comprehensive backup strategy in combating ransomware attacks. Amongst the key highlights, three critical phases of a robust data protection process using Synology's dedicated solutions were showcased:
Prevention for ransomware attacks:
Secure SignIn, a secure login framework designed to enhance account security of Synology DiskStation Manager (DSM), the operating system that powers every Synology NAS. This feature verifies sign-ins using multiple methods, including approved sign-ins, verification codes (OTP), and hardware security keys. By implementing these security measures, businesses can significantly reduce the risk of unauthorized access and potential ransomware attacks.
Centralized data protection alleviating deployment burdens:
Active Backup for Business, an all-in-one data protection solution, was highlighted for its ability to centralize protection across diverse IT environments. This solution covers virtualized environments, physical servers, file servers, and personal computers, all powered by Synology's award-winning DSM operating system. Synology showcased how administrators can efficiently deploy and manage data protection strategies through a centralized admin console, ensuring comprehensive backup coverage and seamless continuity of operations.
Key to effective backup: Comprehensive, streamlined data recovery:
During the demonstration, Snapshot Replication efficiently streamlined data recovery, providing robust backup capabilities against threats like accidental deletion and viruses. With a simulated ransomware attack by installing ransomware, followed by a swift data recovery conducted through Snapshot Replication, the backup solutions’ effectiveness in restoring systems to a previous state was showcased and emphasized that only a rapid, comprehensive data solution is effective for enterprises.
Administrators can configure scheduled snapshots and retention settings, ensuring efficient data management and recovery, even in scenarios where ransomware attacks occur.
The comprehensive product lines from Synology were also on display, designed to meet the needs for SMBs to enterprise-level storage and data protection requirements. Among the offerings, the highlight was the newly launched flagship high-density storage server HD6500, capable of providing up to 4.8 Petabyte of storage capacity, which could serve not only a central repository for files but a backup pool for large enterprise organizations. Synology demonstrated its dedication to offering reliable, scalable, and complete solutions tailored to diverse business needs.
Graph II. The 4U, 60-bay HD6500 streamlines petabyte-level storage with support for up to 960 TB per chassis and can be easily paired with up to 4 additional RX6022sas 60 bay expansion units for over 4 PB of storage in 20U.
"Synology experienced an impressive 20% market growth last year, driven mainly by the increasing demand from SMBs and enterprises. The surge in demand for Synology's backup solutions, exceeding 20%, can be attributed to India's emergence as a prominent data center hub in the region. This growth has been further fueled by government initiatives encouraging businesses to allocate a greater portion of their IT budget towards security,” said Russell Chen, Country Manager at Synology SAARC region at the launch event.
"The landscape of data management and security is evolving rapidly, compelling businesses to remain ahead of the trend to ensure compliance and safeguard sensitive information." said Russell Chen. "Our event aimed to provide insights into the latest industry trends and emerging technologies, empowering businesses with the knowledge to effectively protect their data."
Graph III. Russell Chen demonstrated Synology’s comprehensive data protection solutions - Active Backup Suite and Snapshot Replication - including prevention, data backup, and recovery processes.
"Synology anticipates another year of substantial growth in the enterprise segment, driven by the market's attention to new technologies and the corresponding storage and backup needs," said Russell Chen. "We're thrilled to announce that we have additional innovative solutions and hardware in development for later this year. Stay tuned for updates, as these upcoming releases will empower businesses to effectively navigate the evolving landscape of data challenges in the future,”
*** END OF THE ARTICLE ***
