Protecting Your NAS from Ransomware

Protecting Your NAS from Ransomware

Ransomware is a cryptovirology attack carried out using covertly installed malware that encrypts the victim’s files and then requests a ransom payment in return for the decryption key that is needed to recover the encrypted files. Wide-ranging attacks involving encryption-based ransomware (also known as locker) began to increase through Trojans in the past few years. This also becomes a rising threat against both business and home users that targets computers and network-based devices.

Locker is a file-encrypting ransomware (CryptoLocker, CTB Locker, TeslaCrypt, and others) that encrypts files found on local drives, removable drives, mapped network drives, and even Dropbox mappings. Victims will be extorted a ransom to decrypt the affected files, or they will be unable to open the affect files ever again. A simple yet effective method of mitigating the threat of ransomware is to ensure that you always have backups with versioning. Therefore, I will show you how to protect your data on your QNAP NAS from ransomware by using QNAP’s snapshot feature.

First of all, while creating your storage volume, be sure to choose either “Thick Multiple Volume” or “Thin Multiple Volume” that both support snapshot.

1

Upon finishing, refer to this tutorial and create a weekly, daily or even hourly snapshot schedule for your NAS.

snapshot_agent_22

In the event of a ransomware attack and your files are encrypted by ransomware, then you can easily revert the entire storage volume to a previous state which has not been effected by ransomware. Or you can also choose to restore any specific file to a previous version and overwrite the encrypted file.

restore_file

In conclusion, to avoid or minimize the damage from ransomware, it is always important to keep you NAS system up-to-date. In addition, to deploy and maintain a comprehensive backup solution with versioning, and also has the ability to quickly revert to a previous version is as important.

 

7422 Total Views 14 Views Today
There are 3 comments for this article
  1. Gijs at 4:35 pm

    If someone is using QSYNC with versioning and files at the pc and ransomeware is encrypting your files, wouldn’t it be possible to revert all the changes by getting a previous version back from the NAS?

Leave a Reply

Your email address will not be published. Required fields are marked *

20 − 19 =