TerraMaster NAS Feature in-built Anti-Ransomware

[btarunr]

TerraMaster, a professional brand that specializes in providing innovative storage products for home, businesses and enterprises, presents its comprehensive suite of cybersecurity features to provide excellent protection against all variants of ransomware, viruses, and other forms of cyberattack. There has been an increase in new variants of ransomware that specifically target NAS devices. TerraMaster continuously bolsters the suite of cybersecurity features on its NAS devices to provide effective protection even to the newest ransomware variants. TerraMaster has taken the necessary steps for help users avoid common pitfalls that are targeted by attackers. TerraMaster also provides the necessary security features to protect against cybersecurity attacks.

TerraMaster NAS users can get alert notifications for system events, power failures, and others. This helps managers in real-time monitoring even at home, ensuring that you are always up to date with the status of your TNAS. TerraMaster NAS device has disabled the default administrator account. This ensures users will create a new administrator account and set their own password at first use.



TerraMaster NAS devices come with an Automatic IP Blocking feature wherein it automatically blocks users from a particular IP address with too many login attempts. To learn more about Automatic IP Blocking and how to enable its function, please visit TerraMaster. Users can get access to the Clam AntiVirus via the TOS app. ClamAV is an open-source antivirus engine for detecting trojans, viruses, malware and other malicious threats.

Snapshot
Snapshot can be installed on TerraMaster NAS devices with Btrfs file system support. Snapshot is a common cybersecurity feature that uses a copy function to create image copies of the storage server. Users can enable Snapshot to take an image snapshot as frequently as every 5 minutes. Nevertheless, users can tweak how Snapshot work depending on available storage space.

Backup
Backup works differently compared to Snapshot. Backup is a more comprehensive protective feature wherein a complete copy of your data is safely stored elsewhere. TerraMaster NAS devices feature the DupleBackup which provides data backup options to several supported storage options including another TNAS, Rsync server, Webdav server, various mainstream cloud drivers, and NAS local folders.

TerraMaster NAS devices also support AOMEI Backup. The AOMEI Backup in the TerraMaster NAS application center allows you to easily back up the entire machine, backing up systems, files, folders, to the TerraMaster NAS. In cases of abnormality or cyberattack, users can easily restore the system and data to a normal state and retrieve valuable information.

TerraMaster NAS devices come with a full suite of protection to help users fight against malware, viruses, ransomware, and other forms of cybersecurity attacks. Users can activate all these features simultaneously for the best protection.

View at TechPowerUp Main Site

 

[TheLostSwede]

Oh man, this is just going to make them a target.

 

[Wirko]

I guess it works purrfectly and protects your data flawlessly, until it's hacked.

 

[Tardian]

I guess it works purrfectly and protects your data flawlessly, until it's hacked.

Yes, perfectly was spelt correctly in the first version.

 

[5 o'clock Charlie]

Oh man, this is just going to make them a target.

I still do not understand what is so special that is being declared in this press release about anti-ransomware.
Snapshots are not immune since they reside locally on the machine.
ClamAV, though it works, there is nothing super special about it. My company has it deployed on their BSD/Linux systems, and acts like any other antivirus.
Backups residing externally from the NAS is the only point here that would help against ransonware, but as long as your backups are up-to-date to avoid data loss.
I must be missing something here.

 

[W1zzard]

I see nothing there that's specifically against ransomware? Rather these are the most basic security best practices?

 

[5 o'clock Charlie]

I see nothing there that's specifically against ransomware? Rather these are the most basic security best practices?

If the question was directed to my post, I should have elaborated that these are good security and preventative maintenance practices. It is always good to keep updated backups.
Since I am not well versed in ransomware, was wondering if there was anything else that could help mitigate it other than keeping your apps/OS updated, backups and antivirus? Maybe just keep the NAS local access only, but for some users, remote access is essential.

 

[TheLostSwede]

I still do not understand what is so special that is being declared in this press release about anti-ransomware.
Snapshots are not immune since they reside locally on the machine.
ClamAV, though it works, there is nothing super special about it. My company has it deployed on their BSD/Linux systems, and acts like any other antivirus.
Backups residing externally from the NAS is the only point here that would help against ransonware, but as long as your backups are up-to-date to avoid data loss.
I must be missing something here.

I doubt it, it's a Taiwanese company after all and this is just them trying to win over customers from the competition.
As I said, this is just going to make them a target, since I'm pretty sure, just as you're saying, that there's nothing in this press release about what exactly would stop a ransomware from encrypting the data. Maybe their CPU is so slow and lacks AES encryption, so it would take too long?

 

[W1zzard]

If the question was directed to my post

It was not, sorry if it came across like that

Maybe their CPU is so slow and lacks AES encryption, so it would take too long?

lol you should patent this idea and sell it to the NAS makers

 

[TheLostSwede]

If the question was directed to my post, I should have elaborated that these are good security and preventative maintenance practices. It is always good to keep updated backups.
Since I am not well versed in ransomware, was wondering if there was anything else that could help mitigate it other than keeping your apps/OS updated, backups and antivirus? Maybe just keep the NAS local access only, but for some users, remote access is essential.

I keep my NAS local only, but I can VPN in to my network if I need to access it remotely, but that goes through my router, which I hope makes it a tad safer.
I can't think of much that would prevent a ransomware attack, except keeping everything up to date and don't click on dodgy links...

 

[5 o'clock Charlie]

It was not, sorry if it came across like that


lol you should patent this idea and sell it to the NAS makers

Not your fault. I just realized if it was, my post would have been quoted. Apologies for the confusion. Happy Friday!

I keep my NAS local only, but I can VPN in to my network if I need to access it remotely, but that goes through my router, which I hope makes it a tad safer.
I can't think of much that would prevent a ransomware attack, except keeping everything up to date and don't click on dodgy links...

Interesting. If I ever buy or build my own, that sounds like the way to go if you need remote access. Thanks for the tip.
One more question, does all ransomware require user interaction in order for it to deploy (e.g. links, executing exploited scripts, etc.)?

 

[TheLostSwede]

Interesting. If I ever buy or build my own, that sounds like the way to go if you need remote access. Thanks for the tip.
One more question, does all ransomware require user interaction in order for it to deploy (e.g. links, executing exploited scripts, etc.)?

Most likely not, as a lot of seems to come via botnets exploiting weaknesses in the software on the device.
I run Open Media Vault on mine, which is built on top of Debian.
Maybe not the most popular NAS OS, but it's been rock solid and the next version should improve the user experience quite a bit with an improved UI.

 

[zlobby]

I keep my NAS local only, but I can VPN in to my network if I need to access it remotely, but that goes through my router, which I hope makes it a tad safer.
I can't think of much that would prevent a ransomware attack, except keeping everything up to date and don't click on dodgy links...

0-click and 0-day ring any bell?

 

[TheLostSwede]

0-click and 0-day ring any bell?

That's the thing, there's no such thing as a bug free/safe device that's connected to the internet. There's always someone that figures out an attack vector.
All you can to, is to keep your software up to date.
I'm just grateful I have a router that's supported by Voxel, which seems to push out security patches nearly every month. I did in fact just update to the latest one.

 

[zlobby]

That's the thing, there's no such thing as a bug free/safe device that's connected to the internet. There's always someone that figures out an attack vector.
All you can to, is to keep your software up to date.
I'm just grateful I have a router that's supported by Voxel, which seems to push out security patches nearly every month. I did in fact just update to the latest one.

Oh, many other things could be done, but one can never achieve perfect security.

Best you can do is add multiple layers of security and opt for dynamic root of trust. This way if someone breaks into your router for example, they would still need to work separately on the NAS.

Strong crypto, good digital habits, redundancy, constant hardening, pentesting and auditing. Then, maybe you have a chance.

 

[W1zzard]

This way if someone breaks into your router for example

once they hack your router it's game over, moving laterally is trivial in nearly all home networks, especially when you're able to view/modify packets going in and out

 

[zlobby]

once they hack your router it's game over, moving laterally is trivial in nearly all home networks, especially when you're able to view/modify packets going in and out

Don't let your home network be like nearly all home networks.

All hosts in my LANs are firewalled and distrusted by default, for example. Not unbreakable but it will buy me some time for some of the whistleblowers to trigger an alarm that something fishy is going on.

There are many rules, best practices and procedures to follow for some peace of mind. Granted not many people bother at all.

 

[Tardian]

I keep my NAS local only, but I can VPN in to my network if I need to access it remotely, but that goes through my router, which I hope makes it a tad safer.
I can't think of much that would prevent a ransomware attack, except keeping everything up to date and don't click on dodgy links...

Now I am not an authority on hacking and ransomware, but I have a friend who is, and his advice is:

Short of air-gapped computing and storage, any accessible device, no matter how secure (e.g. NSA, NASA, Pentagon ...) is vulnerable.
AL 2021

 

[TheLostSwede]

Now I am not an authority on hacking and ransomware, but I have a friend who is, and his advice is:

Pretty much, yes. They've even managed to access data on air-gapped computers over the power line, if very slowly.

 

[Tardian]

Pretty much, yes. They've even managed to access data on air-gapped computers over the power line, if very slowly.

Not so much if you are not connected to the grid, and the house is a Faraday Cage.