Categories
Latest News

Protecting Your NAS from Ransomware

Ransomware is a cryptovirology attack carried out using covertly installed malware that encrypts the victim’s files and then requests a ransom payment in return for the decryption key that is needed to recover the encrypted files. Wide-ranging attacks involving encryption-based ransomware (also known as locker) began to increase through Trojans in the past few years. This also becomes a rising threat against both business and home users that targets computers and network-based devices.

Locker is a file-encrypting ransomware (CryptoLocker, CTB Locker, TeslaCrypt, and others) that encrypts files found on local drives, removable drives, mapped network drives, and even Dropbox mappings. Victims will be extorted a ransom to decrypt the affected files, or they will be unable to open the affect files ever again. A simple yet effective method of mitigating the threat of ransomware is to ensure that you always have backups with versioning. Therefore, I will show you how to protect your data on your QNAP NAS from ransomware by using QNAP’s snapshot feature.

First of all, while creating your storage volume, be sure to choose either “Thick Multiple Volume” or “Thin Multiple Volume” that both support snapshot.

1

Upon finishing, refer to this tutorial and create a weekly, daily or even hourly snapshot schedule for your NAS.

snapshot_agent_22

In the event of a ransomware attack and your files are encrypted by ransomware, then you can easily revert the entire storage volume to a previous state which has not been effected by ransomware. Or you can also choose to restore any specific file to a previous version and overwrite the encrypted file.

restore_file

In conclusion, to avoid or minimize the damage from ransomware, it is always important to keep you NAS system up-to-date. In addition, to deploy and maintain a comprehensive backup solution with versioning, and also has the ability to quickly revert to a previous version is as important.

 

7 comments

  1. If someone is using QSYNC with versioning and files at the pc and ransomeware is encrypting your files, wouldn’t it be possible to revert all the changes by getting a previous version back from the NAS?

  2. Hallo james.
    How can you guarantee – technically – that the snapshots are not encrypted?

  3. you miss very important information that snasphots are NOT supported for ARM based models, very bad qnap!!

    1. Hi, Bart,

      The newer generation ARM is supported in the latest QNAP firmware 4.3.4. You may check it out!

Leave a comment

Your email address will not be published. Required fields are marked *