NAS drives are a worth considering alternative to cloud services for users who want to keep full control over their own data. But attackers are also increasingly targeting practical network storage. Blackmail Trojans attempt to encrypt the NAS and demand a ransom from the owners - this is how you can properly secure your NAS.
NAS drives are practical because they give you a central storage location for all your important data and keep them within your own four walls. No matter whether backups, films, music, photos or data for home office or homeschooling, the central data storage contains many treasures. But there are also security loopholes in NAS drives and you should be careful, especially if you allow access via the Internet.
The NAS manufacturer QNAP is currently warning of ransomware attacks again . The AgeLocker ransom trojan targets NAS drives and completely encrypts the stored content. The blackmailers only want to decrypt the data in return for a Bitcoin payment. You should never respond to such demands. It is better to protect the NAS drive as best you can.
Synology DS-220j (without HDD)
Quick tips to secure your NAS drive
You can easily analyze your NAS configuration with security checks. NAS drives play a central role, similar to routers, they mostly rely on Linux as the operating system and offer their services not only in the home network. If desired, remote access can also work. In this respect, similar security tips apply to securing NAS drives:
Keeping software up-to-date:
Ransomware often exploits security flaws in outdated firmware. Conversely, this means that users should keep their NAS drive as up-to-date as possible. In addition to the operating system, this also applies to the installed apps.
Access to your NAS is password-protected. "123abc" is just as bad for this as it is for protecting your mail account. So choose strong passwords and let a password manager like KeePassXC help you . If the NAS manufacturer offers 2-factor authentication, use this.
KeePassXC is a further development of the popular password manager with browser support.
Disconnect standard users:
Pre-made standard accounts can also be secured with a good password, but it is even better if you create your own user accounts and use them to administer your NAS drive. Attacks on user accounts such as "admin" or "root" are then not possible.
Change standard ports:
For access via HTTP or better of course via HTTPS, you should adjust the standard ports.
If you want to use remote access to your home NAS drive while you are out and about, you shouldn't simply release services to the outside world. Instead, use a VPN or use the special services offered by the provider, such as myQNAPcloud.
Use virus scanner:
Virus scanners are available for NAS drives, such as Malware Remover from QNAP or Antivirus Essential from Synology. Make use of these apps and keep them running regularly.
Make a security check:
Unfortunately, the issue of security is never over. You have to repeatedly question and readjust the strategy. Use built-in options for security checks to check your NAS drive.