How to Keep Data Security from Ransomware

Recently, a number of new variants of ransomware specifically targeted at NAS devices have been discovered. They exploit security vulnerabilities in some NAS servers or invade the server by constantly guessing the user name and password of the device. Some NAS users were also forced to pay a ransom just to restore important data encrypted by the ransomware. In the face of this malicious encryption behavior, TerraMaster specially introduced the most comprehensive security precautions and data storage backup solutions for users to avoid possible blackmail risks.

How to protect NAS servers with known vulnerabilities
When there are known vulnerabilities in the NAS server, the first task is to ensure that the latest security patch has been installed or updated to the latest system. Using TerraMaster server, the system will frequently check the update of the TOS and give various security prompts, prompting users to pay close attention to the security status of the NAS device, and update the latest system in time to ensure the security of the NAS server.

If there are known vulnerabilities but no security patches, you need to do the following:
Before the security patch is available, shut down your server or take it offline—do not connect it to the Internet. Sometimes you can also perform other operations, such as turning off certain services, similar to the recent Print Spooler case in Windows. The virus will attack the vulnerabilities in the discontinued product of some brands because the product has not continued to be maintained and updated.
To avoid such problems at this time, it is necessary to upgrade your device to mainstream storage brands in the market. For example, TerraMaster has been continuously launching NAS products with better performance and ease of use.

Protect NAS servers by keeping user accounts safe

For the NAS server, the security of the NAS can be fully guaranteed through proper user account management. If there are no known vulnerabilities, usually in this case, hackers can only access the server through brute force attacks-they keep guessing the username and password until they find a valid combination.
Hackers can use software to try hundreds or even thousands of combinations per second. They can quickly browse the entire dictionary during the attack. The good news is that it is relatively easy to combat this type of intrusion attempt. TerraMaster NAS has a good user account strategy and an effective mechanism to automatically prevent "guessing".

Create a secure user account

Here is what you should do with user accounts:

• Disable the default administrator account. This is because it is a known account-hackers already know the username, which is "admin" or "administrator", they only need to find out the password. Disabling this account from the system will increase the difficulty of making correct guesses at least twice. The TerraMaster NAS device has cancelled the default admin account, and the user must create his own username and password for the first use.
• Use multiple words as usernames. Basically, you should avoid using well-known popular names, such as your name and birthday.
• Use passwords that are difficult to guess. You don't need to use something too complicated that you can't remember. After understanding the user name and password setting rules of TerraMaster, you can also set a password that is difficult to guess, but it is easy to remember.

Turn on NAS protection to prevent hacker attacks

Automatic blocking is an excellent way to combat brute force attacks. It will stop guessing after a certain number of attempts. When the login party reaches the predetermined maximum number of guesses, you can choose to block the IP address or disable the account.

If the user name uses the wrong password for the specified number of times, the account protection will automatically temporarily lock the account. By the way, this is why you shouldn’t use the above-mentioned easy-to-guess username-your account may be locked frequently.

How to enable automatic account protection and IP blocking on TerraMaster NAS server

1. Log in to the server interface and open the control panel
2. Select General Settings;
3. Then Security, select Account Safety;
4. Under Automatic Block,
5. Check the Enable auto block check box and specify the parameters. Generally, fewer login attempts over a longer period of time means better protection. For example, a setting of 10 attempts in 5 minutes is sufficient to prevent any brute force attacks.
6. Check the Enable Automatic Block Expiry checkbox to enable the block IP expiry time and you need to give it a value. If you don't do this, the IP will be blocked until you manually unblock it. Generally, if you have a remote need to use a server, you should allow the expiration time.

You can set different account protection settings for untrusted clients (any client) or trusted clients (you must specify these manually).

 Most importantly, TerraMaster has more security settings that you can try, although not required. You can also run security applications such as Clam AntiVirus to give the NAS more security protection strategies.

Security is a matter of degree. It is good to maintain a balance between security and usability. At least your server is now safe and does not affect your normal use efficiency.

How to manage data on the NAS server

You can use the NAS server to do many things. As a rule, you should not use an administrator-level account for daily tasks. Ordinary users use non-administrator accounts. You should only use an administrator account to manage the server itself. No matter what type of application you use, there are generally two scenarios for data storage:

1. You are accessing data stored directly on the server. This applies to shared folders, streaming content, databases, websites, etc. This is when your data is live or the edited version is on the server.

2. You store a copy of the data on the server. This applies to situations where you use a server to synchronize data between devices or as a backup destination. This is when you have real-time data and edited versions elsewhere.

3. Both situations have pros and cons—sometimes you have to use one of them—but both are susceptible to malicious and accidental data changes and deletions.

4. In addition to malicious cases such as ransomware, other accidents also occur from time to time.

5. For example, you might accidentally edit a document, save changes, and then close it. It can be difficult, if not impossible, to restore the document to its previous state before making changes. This is especially true when you access the document directly from the server.

6. An important feature that TerraMaster NAS server brings to us is snapshots.

How to use Snapshot to fight ransomware or accidental data changes

Applications that use Snapshot can be installed on all TerraMaster servers that support the Btrfs file system.

The copy function is very useful-it copies the shared folder to another volume or a supported NAS server. However, snapshots are by far the best tool to protect data security.

Snapshot will automatically create a snapshot (one version) of the shared folder when it is opened, with a frequency of once every five minutes. You can keep up to 1024 snapshots.

(The more snapshots you want to keep and the higher the frequency, the more storage space you need, but generally, the amount of space required for each shot depends mainly on the number of changes you make to the folder compared to the previous shots. Compare.

The app has a clever way to minimize the use of additional storage space, and you can also change the number of retained snapshots at any time to free up storage space. )

Therefore, if you need to return to an older state of a file or entire folder due to accident or ransomware, you can easily perform Recovery.

The following describes how to use Snapshot to protect shared folders.

1. Install the Snapshot application from the Applications application center.
2. Run the application and select Snapshots.
3. Select a shared folder and click Settings.
Now you can enable the snapshot schedule, choose how to keep the snapshot, and choose to make the snapshot visible (to the user). Each visible snapshot is stored in a folder called #snapshot within the protected shared folder.
Snapshots are always read-only, which means that previous versions of your data are not susceptible to any changes, including during ransomware attacks. For this reason, they can be made visible to the user. But you can also hide them.

Look at the contents of the #snapshot folder from the user’s perspective. Each snapshot is a folder that contains the data of the shared folder when the system took the snapshot. Then, users can quickly browse files and folders for recovery.

A user of TerraMaster NAS has reported that Snapshot has been used for many years. In the past few months alone, it has helped prevent at least three ransomware incidents. It is effective and proved to be the best way to deal with accidental and malicious data changes.

In the face of increasingly powerful and changeable network attacks and malicious software, it is strongly recommended that you make regular backups of all data in order to restore the infected files and minimize the damage.

How to back up data on TerraMaster NAS

1. DupleBackup

Through the TerraMaster DupleBackup application, important data is automatically backed up, and even remotely backed up. With DupleBackup, Data in NAS can be backed up remotely to another NAS, Rsync server, Webdav server, various mainstream cloud drivers, and NAS local folders. It supports scheduled task backup, incremental backup and multi-version backup, and one-key restore function.

2. Synchronisation of Multiple Cloud Drives

TerraMaster supports multiple cloud drive backup functions. You can back up the data in the cloud drive to NAS, or back up the data in NAS to cloud drive, making your data in double insurance. More cloud drive synchronization, you can download the corresponding application in the application center.

3. AOMEI Backup

The AOMEI Backup in the TerraMaster NAS application center allows you to easily back up the entire machine, backing up systems, files, folders, to the TerraMaster NAS. Once the computer is abnormal, you can easily restore the system and data to a normal state and retrieve valuable information.

Mac users can use TimeMachine to back up Mac data to TerraMaster NAS, which is very convenient.


Usually we must pay attention to data security and integrity, especially if you have a large amount of data, in addition to using a good password policy, keeping the server system version up to date, and formulating a strict snapshot plan for each important shared folder, You can also consider real-time server-to-server backup, folder synchronization or replication, so your data will always remain safe.