A network-attached device (NAS) is a shared storage solution that people can use at home. And just like their commercial counterparts, attackers target them to steal that precious data.
Having your own backup or storage solution on-premise sounds amazing. You don’t have to pay other companies for online space, you can expand it, and you have complete control of your data. It sounds like something everyone should own. But there’s a catch.
Even the most basic NAS solution is not that cheap. Depending on the hardware, whether it’s prebuilt or custom-made by users, it’s going to cost you. Just buying the NAS is not enough, as it’s usually recommended to house it in a secure network, which in turn requires better hardware. Making matters worse, hackers always keep in mind all this effort. A NAS user is likely to keep important stuff if he went to all the trouble of setting everything up.
Ransomware is the primary danger
One of the most common stories people notice in the news is about NAS devices infected with ransomware. Nobody wants their data locked away in their home by ransomware, with no means of recovery. It’s possible to keep a backup for a backup, but it’s not common.
Some manufacturers have been hit more than others. Despite numerous patch releases in the past couple of years, ransomware infections remain a big threat. One problem is that people don’t install the latest patches released by manufacturers or are too cavalier with their NAS devices.
As a general rule, it’s not a good idea to have the NAS exposed directly to the internet, let alone leave open some ports or services. Ideally, any connection to the home NAS should be made over VPN, but the truth of the matter is that many users take network and NAS security for granted.
Attacks on NAS devices will increase
Despite the price, NAS has become increasingly popular in the commercial sector, and even small businesses might choose to use something similar. Increased demand for NAS also means a larger attack surface, which directly translates to more incidents and more time devoted by criminals to find ways to compromise those devices
Realizing the paramount importance of your NAS is the first step towards securing your data. Once you understand just how vulnerable and important the date is, taking the necessary steps to safely use a NAS becomes imperative.
· Keep your NAS up to date and install the latest patches as soon as possible.
· If your NAS reaches end of life, replace it as quickly as possible. Manufacturers rarely, if ever, release patches for EOL devices.
· Close opened ports and shut down services you are not actively using.
· Don’t expose the NAS to the internet unless it’s through a VPN server.
Of course, one of the most important measures you can take is to use an ISP that implements Bitdefender’s IoT Security Platform. One of the most important features of the platform is to inform users of possible vulnerabilities in any house or network, allowing users to make the right decisions in terms of security.