{"id":17233,"date":"2021-06-28T17:03:31","date_gmt":"2021-06-28T15:03:31","guid":{"rendered":"https:\/\/www.kaspersky.fr\/blog\/?p=17233"},"modified":"2022-05-05T13:39:59","modified_gmt":"2022-05-05T11:39:59","slug":"wd-my-book-remote-wipe","status":"publish","type":"post","link":"https:\/\/www.kaspersky.fr\/blog\/wd-my-book-remote-wipe\/17233\/","title":{"rendered":"Coupez la connexion Internet du NAS WD My Book Live imm\u00e9diatement"},"content":{"rendered":"

De nombreux utilisateurs de Western Digital My Book ont vu leur appareil r\u00e9initialis\u00e9 aux param\u00e8tres d\u2019usine, mais pas que\u00a0: leurs donn\u00e9es ont \u00e9galement \u00e9t\u00e9 supprim\u00e9es. On ne sait toujours pas si l\u2019attaque est due \u00e0 une d\u00e9faillance technique ou s\u2019il s\u2019agit d\u2019un piratage, mais nous recommandons \u00e0 tous les utilisateurs de couper la connexion Internet des disques durs My Book Live et My Book Live Duo, du moins jusqu\u2019\u00e0 ce que le vendeur communique plus d\u2019informations quant \u00e0 cet incident.<\/p>\n

Qu\u2019est-il arriv\u00e9 aux disques durs WD My Book Live<\/h2>\n

Selon Bleeping Computer<\/a>, une analyse de logs a r\u00e9v\u00e9l\u00e9 que les dispositifs ont re\u00e7u une commande \u00e0 distance pour faire une r\u00e9initialisation compl\u00e8te, ce qui a entra\u00een\u00e9 l\u2019effacement complet des disques touch\u00e9s.<\/p>\n

De plus, selon le service d\u2019assistance de Western Digital<\/a>, les appareils ont \u00e9t\u00e9 compromis \u00e0 cause d\u2019une vuln\u00e9rabilit\u00e9 RCE (ex\u00e9cution du code \u00e0 distance<\/a>). L\u2019assistance de WD pense qu\u2019il s\u2019agit de la vuln\u00e9rabilit\u00e9 CVE-2018-18472<\/a>, d\u00e9couverte en 2018, qui peut \u00eatre exploit\u00e9e par n\u2019importe quel malfaiteur qui connait l\u2019adresse IP exacte d\u2019un appareil WD My Book Live. Selon les experts, il s\u2019agit d\u2019une vuln\u00e9rabilit\u00e9 critique de niveau 9.8.<\/p>\n

Pourquoi les disques durs My Book Live sont vuln\u00e9rables<\/h2>\n

Les disques durs WD My Book Live sont des serveurs de stockage en r\u00e9seau (NAS). Tr\u00e8s utilis\u00e9s par les particuliers et les petites entreprises, ils permettent d\u2019acc\u00e9der \u00e0 distance aux donn\u00e9es stock\u00e9es et de cr\u00e9er une copie de sauvegarde. Afin de fonctionner correctement, les dispositifs requi\u00e8rent une connexion Internet stable pour pouvoir acc\u00e9der au Cloud My Book Live.<\/p>\n

De plus, selon le communiqu\u00e9 de Western Digital<\/a>, aucune mise \u00e0 jour n\u2019a \u00e9t\u00e9 publi\u00e9e depuis 2015 pour les disques My Book Live et My Book Live Duo, c\u2019est-\u00e0-dire bien avant la d\u00e9couverte de la vuln\u00e9rabilit\u00e9 CVE-2018-18472.<\/p>\n

Western Digital continue d\u2019enqu\u00eater sur l\u2019incident et promet de communiquer des d\u00e9tails sous peu.<\/p>\n

Comment prot\u00e9ger vos donn\u00e9es sur les disques My Book Live<\/h2>\n

Tout d\u2019abord, d\u00e9connectez votre My Book Live ou votre My Book Live Duo d\u00e8s que possible. Si les param\u00e8tres du routeur posent probl\u00e8me, d\u00e9branchez le disque vous-m\u00eame puis param\u00e9trez le routeur correctement.<\/p>\n

Attendez des nouvelles de Western Digital. L\u2019entreprise pourrait corriger la vuln\u00e9rabilit\u00e9 ou peut-\u00eatre m\u00eame restaurer les donn\u00e9es perdues.<\/p>\n

En r\u00e8gle g\u00e9n\u00e9rale, nous recommandons d\u2019utiliser des solutions non connect\u00e9es \u00e0 Internet pour cr\u00e9er et stocker des sauvegardes de donn\u00e9es importantes. Cet isolement vous emp\u00eache d\u2019acc\u00e9der \u00e0 distance \u00e0 vos sauvegardes, mais il emp\u00eache aussi les autres de le faire.<\/p>\n

Il existe des solutions de s\u00e9curit\u00e9<\/a>\u00a0qui permettent d\u2019automatiser le processus de sauvegarde.<\/p>\n\n

\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

Certains serveurs de stockage en r\u00e9seau de WD ont \u00e9t\u00e9 r\u00e9initialis\u00e9s et les propri\u00e9taires ont perdu toutes leurs donn\u00e9es. Voici comment prot\u00e9ger votre NAS WD My Book Live. <\/p>\n","protected":false},"author":2706,"featured_media":17234,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2112,686,3151],"tags":[4005,1098,552,841,4155,60],"class_list":{"0":"post-17233","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-threats","9":"category-smb","10":"tag-acces-a-distance","11":"tag-ido","12":"tag-internet-des-objets","13":"tag-iot","14":"tag-nas","15":"tag-vulnerabilite"},"hreflang":[{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/wd-my-book-remote-wipe\/17233\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/wd-my-book-remote-wipe\/23009\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/wd-my-book-remote-wipe\/18492\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/wd-my-book-remote-wipe\/24958\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/wd-my-book-remote-wipe\/22968\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/wd-my-book-remote-wipe\/22180\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/wd-my-book-remote-wipe\/25540\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/wd-my-book-remote-wipe\/25000\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/wd-my-book-remote-wipe\/30970\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/wd-my-book-remote-wipe\/9782\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/wd-my-book-remote-wipe\/40392\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/wd-my-book-remote-wipe\/17698\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/wd-my-book-remote-wipe\/14973\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/wd-my-book-remote-wipe\/26976\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/wd-my-book-remote-wipe\/31129\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/wd-my-book-remote-wipe\/27224\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/wd-my-book-remote-wipe\/24040\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/wd-my-book-remote-wipe\/29385\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/wd-my-book-remote-wipe\/29178\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.fr\/blog\/tag\/internet-des-objets\/","name":"Internet des objets"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/17233","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/comments?post=17233"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/17233\/revisions"}],"predecessor-version":[{"id":17235,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/posts\/17233\/revisions\/17235"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media\/17234"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/media?parent=17233"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/categories?post=17233"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.fr\/blog\/wp-json\/wp\/v2\/tags?post=17233"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}