How to Secure Your Synology NAS from Ransomware
Recently, some Synology owners discovered that all the files on their NAS system were encrypted. Unfortunately, some ransomware infected the NAS demanded payment to restore the data. Here’s what you can do to secure your NAS.
How to Avoid the Ransomware Attack
Synology is warning NAS owners of several ransomware attacks that hit some users recently. The attackers use brute-force methods to guess the default password—essentially, they try every password possible until they get a match. Once they find the right password and gain access to the network-attached storage device, the hackers encrypt all the files and demand a ransom.
You have several options to choose from to prevent attacks like this. You can disable remote access altogether, allowing only local connections. If you need remote access, you could set up a VPN to restrict access to your NAS. And if a VPN isn’t a good option (because of slow networks, for instance), you can harden your remote access options.
Option 1: Disable Remote Access
The most secure option you can choose is disabling remote connection features entirely. If you can’t access your NAS remotely, then neither can a hacker. You will lose some on-the-go convenience, but if you only work with your NAS at home—to watch movies, for instance—then you may not miss the remote features at all.
Most recent Synology NAS units include a QuickConnect feature. QuickConnect takes care of the hard work for enabling remote features. With the feature turned on, you don’t have to set up router port forwarding.
To remove remote access through QuickConnect log in to your NAS interface. Open the control panel and click on the “QuickConnect” option under Connectivity in the sidebar. Uncheck “Enable Quick Connect” then click apply.