How to Protect Your NAS from Ransomware
by Sean Curiel, on Nov 1, 2022 6:00:00 AM
The number of malware variants that specifically target NAS devices appears to be on the rise. Fortunately, being proactive in taking common-sense precautions and utilizing the security features built into your NAS – can go a long way toward stopping Ransomware before it ever has a chance to gain a foothold.
We recommend the following preventative measures to secure your network storage device from ransomware:
Apply Patches, Firmware, and OS Updates
Why make it easy for attackers to make their entrance? Some ransomware variants specifically target weaknesses in NAS operating systems. Keep your NAS firmware current, and NAS operating system up to date, ensuring that known security flaws have been addressed. Firmware updates are generally safe, but it's always a smart idea to back up important data prior to changes in firmware.
Disable the Default Administrator Account
Many NAS manufacturers ship devices with a ready-to-use account with a simple name like “admin”. Disable this account and create a new administrator account that features a more creative Username, and you’ve helped to thwart malware scripts. If you cannot disable it, make sure to create a strong, unique password.
Limit Access To Your NAS
Utilize a firewall so that access is only granted to sources you recognize. Using rules or access control lists you should be able to block suspicious traffic. Enable multi-factor authentication to beef-up your log-in process, create an additional layer of security, and block hackers - even if they have already obtained your login information.
Users with Different Levels of Access
Not everyone needs write access to everything. Your NAS should be able to create users and groups with read-only permission to all folders except those which are absolutely necessary to write to. Find the user management area within your NAS and determine which accounts require modification. Follow the principle of least privilege and restrict accounts as much as possible.
Auto Block IP Addresses with Too Many Login Attempts
Ransomware will often make several attempts to guess your credentials. Monitor your NAS closely, and if it has a feature to automatically block IP addresses which have too many failed login attempts, take advantage of it. And don’t forget to enable logging so that you can track these attempts after the fact.
Restrict External Access to Your NAS
When it comes to the admin interface and making changes to your NAS settings, it may be wise to restrict access to the local network, limited to specific IP addresses, and disable remote connectivity. If necessary, use a VPN to connect to your office network to make changes.
Use A Complex but Memorable Password
When everyone does it – we’ll stop mentioning it! Create passwords using complex phrases that only make sense to you, using numbers, lowercase, uppercase, and special characters. Learn about password strength and also about various methodologies.
Don’t Map Backup Shares as Drive Letters
Ransomware searches for anything exposed on your network. Try not to map your backup shares as drive letters in Windows (it won’t completely protect them due to Windows credential caching, but certainly makes them less inviting).
Backup Your NAS Regularly
There’s an old saying that the only true data protection is keeping multiple copies of it, in different physical locations and formats. It still holds true today. The data that lives on your NAS device should be fully replicated to an offsite target (usually an identical NAS unit) using secure methods.
These are just a handful of precautionary measures from the NovaBACKUP team. Let's chat about your backup environment, and we'll offer additional tips to protect your NAS device from malware. Request a call with a qualified backup expert today!