Recent reports have identified password-guessing ransomware attacks targeting NAS (Network Attached Storage) devices, stealing device admin credentials using brute-force, and encrypting users data. QNAP NAS prevents such attacks with its many data safety and security features, such as powerful login control, network access protection, snapshots, backups, and versioning. Today, not only are we going to learn about how QNAP NAS keeps you safe from such attacks, but the best steps you can take to ensure all of your data is safe and secure from such password-guessing ransomware.
Let’s go over the security features on QNAP NAS that prevent brute-force attacks, and the three steps you can take to utilize them.
1.Extremely Strong Passwords
First and foremost, utilizing extremely strong passwords on your QNAP NAS is highly recommended. Not only is it the first line of defense keeping your NAS safe, meeting the following criteria makes it extremely hard for brute-force attacks to guess your password.
- We recommend that you change your password to meet the following criteria:
- Should be at least 8 characters in length
- Should include both uppercase and lowercase characters
- Should include at least one number and one special character
- Must not be the same as the username or the username reversed
- Must not include characters that are consecutively repeated three or more times
- Here’s how to change your password:
- Log on to QTS as administrator.
- Click the profile picture on the QTS Task Bar.
- The Options window opens.
- Click Change Password.
- Type in your old password.
- Type in your new password.
2. Disable Unnecessary Ports and Services
Next, it is vital to disable any unnecessary ports and any services on your NAS. Doing so prevents bad actors from finding vulnerabilities in your NAS, and blocks them from trying to access your data. If it is not currently in use, we recommend disabling Telnet/SSH, as well as disabling any unnecessary ports that are not currently being used.
3. Network Access Protection
Brute-force attacks use a technique where it continually enters hundreds and thousands of password combinations until it gains entry, and then encrypts and corrupts your data. QNAP NAS keeps you safe from such brute force attacks with Network Access Protection, letting you configure specified time periods in which your NAS is inaccessible, due to a specified number of failed login attempts. It stops brute-force attacks from randomly guessing your password, blocking access to your data.
- Here’s how to enable Network Access Protection on your QNAP NAS:
- Log on to QTS as administrator.
- Go to Control Panel > System > Security > Network Access Protection.
- Select SSH/HTTP/Telnet/FTP/SAMBA/AFP.
- Specify a time period and the number of failed login attempts.
- Click Apply.
Now that we have gone over these steps, you know how to keep your QNAP NAS safe from attacks. Be sure to always use best practices in data safety, including keeping QTS up-to-date, installing Malware Remover,remote/off-site backups, and following the QNAP Security Advisory, where the QNAP Security Response Team continuously investigates all security threats, and releases updates as necessary to safeguard your QNAP NAS from the impact of malware and other attacks.
*If you have any questions regarding this issue, please contact us through the QNAP Helpdesk.