Facebook Pixel

Western Digital My Book Live Hack – KEEP IT DUMB & LOCAL!

In the weeks of June and July 2021, many owners of Western Digital My Book Live external hard drives lost a lot of valuable memories and important files, thanks to some hackers, poorly written software, and internet-connected backup drives. This could have been avoided, very easily. 

Western Digital My Book Live

Western Digital My Book Live – More Complexity, Easier To Mess Up!

All the rage in backup and storage these days is “the cloud”, remote storage.. out there… second star the left kinda thing. They sell you on the idea of being able to access your information from anywhere, and for some folks, that’s a great thing! But if your incredibly valuable family photos can be deleted by some hacker who has access to your drive via your network, then perhaps it’s not the best idea after all.

Around July 23rd, Western Digital My Book Live models connected to the Internet received a factory reset command from a nefarious hacker. The hacker used port scanning to gain access, then exploited a flaw originally found in 2018 to install a script that would run the factory reset command… wiping out the directory of the hard drive. An analysis showed that typically this would require a username and password but somehow, a developer disabled this requirement. There was also evidence that different groups of hackers had exploited different vunerabilities and were in a way battling it out! The losers are the people with internet-connected storage devices. 

Western Digital Stepping Up

Most of the drives affected were discontinued products and illegible for software updates that would have otherwise prevented these attacks. WD though has since stepped up and offered a program where they will do their best to recover your data and then offer you a replacement of the drive with a new product. You can check out their support document here. The affected drives are:

  • My Book Live, SKU WDBACG0030HCH
  • My Book Live, SKU WDBACG0020HCH
  • My Book Live, SKU WDBACG0010HCH
  • My Book Live Duo, SKU WDBVHT0080JCH
  • My Book Live Duo, SKU WDBVHT0060JCH
  • My Book Live Duo, SKU WDBVHT0040JCH

If you have one of those drives, WD and myself for that matter, recommended disconnecting it from the Internet, then follow up with WD for further action. 

Western Digital Live Hack

Simple Solution

It’s funny how the WD recommendation of disconnecting your drive from the internet is what should have been done in the first place… in fact.. just don’t buy any sort of internet-connected backup drive m’kay? Sure, if you really need a “media center” to store movies and such to watch from other computers, sure.. but don’t ever make that your BACK UP. 

This is the same advice I give to proponents of the iCloud backup. It’s a secure and convenient backup solution but this does not mean you shouldn’t still have a local backup. The key to this local backup is the KISS principle, Keep It Simple Stupid! Don’t go and buy some fancy internet-connected cloudy drive, don’t get some biometric-enabled encrypted drive, don’t go get a RAID array… get a SIMPLE external hard drive that is nothing but a standard SATA drive in a simple powered case.. and look.. Memory Express has a 1TB for like $60

Along with that simple drive, use the stupid simple software that Apple provides for free, Time Machine. It’s so simple, all you gotta do is unpackage that drive, plug it in, and say “yes” to the prompts that say to use it as your Time Machine drive. DONE. 

The best part is ain’t no hacker going to connect and do a factory reset…

Need help setting up your backup solution? Contact us!

 

Follow me
Ryszard (Rick) Gold, From Calgary, Alberta, Canada has over 20 years of experience working with Apple products in a technical capacity. Passionate about technology in general, his natural troubleshooting abilities, curiosity and appreciation of good design lead him into working exclusively with Apple Computer products.
Ryszard Gold
Follow me

Facebook Comments