Security threats are increasing for Network attached storage (NAS)

Akash jain Estimated Read Time: 4 Minutes

In recent months, attacks on NAS devices have increased many times over, and you have probably thought about how to stop these attacks and recover your data if your NAS is affected. Here are a few things that you need to know about security problems on NAS

1. More security problems and attacks will follow

One of the reasons there is so much malware, brute force and ranwonware targeting network attached storage today is because NAS devices have become a mainstay. The number of NAS devices out there today justifies the time and effort malicious actors spend to plan and execute an attack. No matter what NAS vendors do, attacks will only increase in the future, and you need to be ready for it.

2. The most secure NAS brand

You have probably wondered if there is one NAS brand that is more secure than another. The short answer is none - most of them are equally secure. But there are caveats.

The core of the NAS, the main operating system that powers them, is almost always Linux with some customization (very few run Windows Storage Server). So the core is the same for all NAS brands and has the same tLinux kernel vulnerability , making them equally secure (or insecure) in this area.

Then there are third-party applications that you run on the NAS - for example, Plex or Transmission or php applications. Again, if these 3rd party applications have a security flaw, it affects all brands equally.

Then there are the vendor specific applications - here one NAS OS may have a security advantage over another. But this is not a major advantage. In the future, hackers will primarily target the core Linux vulnerability, so they can attack all NAS devices regardless of brand.

3. You can not mitigate all risks to your NAS

As long as a device is connected to the Internet, there may be a new vulnerability that can be exploited. By the time the manufacturer learns about the new vulnerability and fixes it, you may already be affected.

So remember - you can not mitigate the risk ALL, but you can mitigate the known risks. Thats your Goal - to follow best practices and secure your NAS as much as you can against KNOWN threats so you are a difficult target.


4. A Backup of your backup - the immutable offline copy

On your NAS is your backup that you would have relied on in case of data loss, but now you need another layer of protection. A copy that’s immutable to any bad actor. No malware, virus or ransomware can touch it , because its offline.

The ONLY copy of your data that is truly safe is an offline copy. You can not keep an offline copy of all your data , but divide your data into critical and non-critical, and plan how you want to keep offline copy of your critical data. This can be a copy on TAPE, an RDX hard drive or an external hard drive. RDX docks are easy to connect to your NAS and RDX tapes are easy to handle and back up.

5. you need snapshots to recover the data after ransomware encryption.

Almost all NAS brands offer snapshots in their mid-range and high-end NAS. Snapshots are the best way to recover from ransomware (or accidental deletions/overwrites) because you can restore your data to an earlier point in time. Keep some storage space free for snapshots and enable scheduled snapshots. So far, no ransomware is known to infect block-level disks, so your block-level snapshot can help you recover from ransomware.

6. A brute force attack can even remove your snapshots

The worst attack can be a brute force attack. You know, when someone tries to "guess" your administrator password. If he succeeds, he can get full access to your system, look at your snapshots and do everything an administrator can do.

The good news is that brute force is not very difficult to stop. If you do not have an admin user with the username admin or administrator, use 2FA, use a complex password, and lock the user after more than x failed attempts, you can stop it.

7. look for vulnerabilities outside the NAS.

The vulnerability does not necessarily have to be in your NAS. A hacker can gain access through your router, camera, and even your network-connected printer. If your network is not secure, none of the devices, including your NAS, are secure either.

8. how to secure your NAS

Now the question is how to maximize the protection of your device. Most of the measures you need to take can be summarized as follows: updated firmware, minimizing third-party apps, disabling remote access (except via VPN), enabling snapshots, and disabling the administrator username.

We have written a guide with a few recommendations to make your NAS safer. you can read the guide here

Add a comment