TerraMaster Issues Guidance to Prevent Ransomware Attacks on NAS

Recently, TerraMaster Technology Co., Ltd have received reports that some TNAS devices have been attacked by ransomware.

Based on the case study, the company preliminarily concluded that this was an external attack targeting TNAS devices. To keep your data safe from attack, take action immediately!

The firm suggest you take following countermeasures:

• Upgrade your TOS to the latest version;

• Install good anti-virus software on your computer, TNAS device and router to help you detect and resist malicious threats;

• Disable port forwarding on your router;

• Disable the UPnP function on your TNAS;

• Disable RDP, SSH and Telnet when not in use;

• Set a high security level password for all users;

• Disable the system default admin account, re-create a new admin account, and set an advanced password;

• Enable firewall and only allow trusted IP addresses and ports to access your device;

• Avoid using default port numbers 5443 for HTTPS and 8181 for HTTP;

• Enable automatic IP block on your TOS Control Panel to block IP addresses with too many failed login attempts;

• Backing up data is the best way to deal with malicious attacks; always back up data, at least one backup to another device. It is strongly recommended to adopt a 3-2-1 backup strategy.

If unfortunately you have found that your data is infected by ransomware:

• Disconnect your computer and TNAS device from the Internet immediately;

• Before restoring data, thoroughly remove the infection in the computer system and TNAS; You need to restore your TNAS to factory settings and completely format all your hard drives.