How to protect your NAS against ransomware



Malicious actors are everywhere online. It only takes a single phishing email or infected download to damage hardware on your network. Network-attached storage is especially susceptible to ransomware due to containing terabytes of data, often not backed up elsewhere. It’s simple to protect yourself and NAS from such attacks.

What is ransomware?

Ransomware is a virus that infects a device like a PC or NAS and encrypts data. To gain access to the affected data, malicious parties often demand money. Law enforcement recommends not paying any ransom to recover data. It’s not guaranteed you’ll receive access.

Even the best NAS enclosure can become infected and we’ve seen models from some of the most popular brands affected. No one is immune.

How to protect your NAS against ransomware

The best defense against ransomware is common sense. Try to be careful when online and only visit websites you trust, especially when you’re downloading files. The same goes for email and other communications. Don’t click on any links you’re unsure of.

Most NAS manufacturers offer some form of anti-virus application, which can be useful in detecting any malicious files transferred to the server. There’s also the option of taking your NAS completely offline, blocking all access from external connections.


Always back up the data stored on your NAS. Ransomware holds your data hostage but you can remove the power of the malicious party by having a recent copy of your data for restoration.

This would prevent you from accessing your NAS when not at home or in the office and connected to the LAN, but it’s the safest way to protect everything stored within. Most NAS brands have a quick way of disabling external access from within their OS.

If you absolutely must have access to your NAS outside the LAN, a local virtual private network (VPN) server can be a good way to securely connect within your LAN without directly connecting to your NAS.

What to do if your NAS is infected

As aforementioned, it’s not recommended to follow through with the demands and pay money for your files. I’d reach out to your local police force and file a report. Run scans on the affected devices and check to see if any viruses are discovered.

There may be tools available to actually reverse the damage caused by the malicious party. No More Ransom is a good place to start. Once you’re sure everything is clean (reinstalling an OS is a good move if all else fails), data can be recovered from a backup.

It’s incredibly important you create a backup of all your data stored on the NAS.

Richard Pinnock-Edmonds Avatar

Latest articles