obaeyens
Aspirant
Sep 16, 2015
Solved

How to protect from Cryptolocker?

I almost lost my files to a hard disk crash. So I ended up buying a ReadyNAS 104 to save my data. I had my issues of locking up the NAS but when I turned off the anti-virus and bit rot then it works...
  • StephenB
    Sep 16, 2015

    First of all, Cryptolocker has been dead for about 15 months now. In June of 2014 the botnet driving Cryptolocker was shut down, and by August 2014 two security firms managed to reverse-engineer the decryption, so affected users could recover their files (https://en.wikipedia.org/wiki/Operation_Tovar).

    Synology NAS were hit with a different ransomware, called SynoLocker, which struck in August 2014 (shortly after Cryptolocker was taken out). The security bug that SynoLocker exploited had already been fixed by Synology in December 2013 (https://redmondmag.com/articles/2014/08/07/ransomware-targeting-synology-nas-servers.aspx).

    Therefore your specific threat is no longer a problem.  The broader one (how to protect from the next bad stuff) is not.

     

    Part of the answer to "how to protect..." is to keep up on your firmware updates, particularly ones that include security fixes. If all the Synology customers had done that, they would have been fine. Since Netgear often releases security patches as "beta" initially, you should keep an eye on the forum here for beta releases, and consider taking ones that have security fixes in their release notes.

    Another aspect is basic security practices.  Don't put the NAS in the DMZ of your router.  Don't expose services you don't use to the internet.  Use protocols that are encrypted (e.g., ftps instead of ftp, https instead of http).  Also use strong passwords, since encryption buys you nothing if the passwords are easy to crack.

     

    ReadyCloud does present a quandary.  Netgear clearly does care about security, but the ReadyCloud website uses http, not https.  Current information on the VPN core encryption/key exchange isn't available.  So deciding to use it does require accepting some security risks (and living with some unknowns).

     

    Attempting to isolate your backup NAS probably won't help much in mitigating the risks.  Malware could still spread from the main NAS to the backup, when the backup is run.  And frankly the bigger threat is that your personal information will be silently stolen, not destroyed or held for ransom.

     

    So what would help? Well, you could choose not to use it. OpenVPN is available on many routers (including Netgear), and that does provide an encrypted and secure way for you to access your data. It's not as well suited to controlled sharing with friends, it is more of an all-or-nothing kind of thing. OwnCloud is also an option though - and that provides features similar to ReadyCloud. And OwnCloud has published a security document, and also published security advisories.

    Or you could choose to use it anyway, and either keep your sensitive information off the NAS altogether, or put it into encrypted containers. An Encrypted VHD (Microsoft virtual disk) would work, it uses client-side encryption so getting the VHD file from the NAS doesn't help the bad guys.
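
One way to check the "ftps instead of ftp" advice above against your own NAS, as an added example that is not part of StephenB's post or Netgear's tooling. It assumes FTP on the default control port 21 and explicit FTPS (AUTH TLS, RFC 4217); the address 192.0.2.10 is a documentation placeholder.

```python
import socket
import sys


def _reply_code(f):
    """Read one FTP reply (which may span several lines); return its code."""
    while True:
        line = f.readline()
        if not line:                      # peer closed the connection
            return ""
        # The final line of a reply is "NNN<space>text"; "NNN-" lines continue.
        if line[:3].isdigit() and line[3:4] == b" ":
            return line[:3].decode()


def probe_ftp(host, port=21, timeout=3.0):
    """Classify an FTP control port as 'closed', 'tls', 'plaintext' or 'unknown'.

    'tls' means the server accepted AUTH TLS (explicit FTPS, RFC 4217), i.e.
    encryption is offered. It does not prove plaintext logins are refused.
    """
    try:
        s = socket.create_connection((host, port), timeout=timeout)
    except OSError:
        return "closed"                   # refused, filtered or unreachable
    with s, s.makefile("rb") as f:
        try:
            if _reply_code(f) != "220":   # 220 = service ready
                return "unknown"          # something listens, but not ready FTP
            s.sendall(b"AUTH TLS\r\n")
            return "tls" if _reply_code(f) == "234" else "plaintext"
        except OSError:                   # timeout or reset mid-dialogue
            return "unknown"


if __name__ == "__main__":
    # 192.0.2.10 is a documentation placeholder; pass your own NAS address.
    host = sys.argv[1] if len(sys.argv) > 1 else "192.0.2.10"
    verdict = probe_ftp(host)
    print(f"{host}:21 -> {verdict}")
    if verdict == "plaintext":
        print("FTP is reachable without TLS: disable it or switch to FTPS.")
```

Run it once from inside the LAN and once against your router's public address from outside; a result of `closed` from outside means the service is not exposed to the internet.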

     

     
