In August, some Synology NAS device owners reported that their systems had been infected by a malware program called SynoLocker that encrypted their personal files and held them to ransom.
A compromised NAS device could also serve as a pivot point inside the local network to attack other systems, so they wouldn't necessarily have to be compromised from the Internet. Attackers could create Windows malware that scans the local network for vulnerable NAS devices and infects them.
Such compromises would be hard to detect because there are no antivirus or security products running on NAS devices. The compromises would allow attackers to maintain a foothold in the network even if the original Windows malware is later removed.
Sign up for CIO Asia eNewsletters.