고객님께서 말씀하시길, 기존에 큐냅 나스를 사용하고 있었는데 이번에 랜섬웨어에 감염되어 데이터를 못 쓰게 되었다고 한다. 그래서 시놀로지로 제품을 바꾸고 기존 큐냅은 외부 접속이 안 되는 백업용으로 쓰시겠다고 하신다.
큐냅을 타켓으로 한 특정 랜섬웨어가 유행하고 있다는 것은 알고 있었다. 큐냅에서 메일을 보내주어 미리 업데이트 및 패키지 교체를 할 수 있도록 알려 주었고 업데이트를 진행했다. 다행히 내가 관리하고 있는 나스들은 문제가 없는 상태이다.
고객님께서 생각하고 있는 나스 모델(DS920+)을 알려주시어 해당 제품과 함께 더 좋은, 유용한 제품은 없는지 확인하고 알려드릴 예정이다.
Intel Celeron J4125
쿼드코어 2.0Ghz
ReadyNAS RR2304
Intel Celeron J3355
듀얼코어 2.0GHz
ReadyNAS RN3138
Intel Atom C2558
쿼드코어 2.4Ghz
ReadyNAS RN524X
Intel Pentium D1508 Server Processor
듀얼코어 2.2Ghz
1Gx1, 10Gx1
검토해 보면 할수록 DS920+는 참으로 가성비가 좋은 제품이다. 물론 업체에서 대중적인 용도로 가성비가 좋은 제품으로 출시했기에 그럴 것이다. 더불어 시놀로지 나스 OS가 대중에게 낯설지 않고 많은 정보를 얻을 수 있다는 장점이 있다.
반면 넷기어 제품의 경우 자체 VPN을 통한 인터넷으로 폴더를 공유할 수 있다는 큰 장점이 있지만, OS 및 사용 자체가 일반적인 사용자에게는 많이 낯설고, 정보도 부족하고, 정보는 오직 넷기어 커뮤니티에서 영어로 된 정보만 얻을 수 있다. 넷기어 홈페이지를 통해 나스에 대한 질문을 남겼는데, 아직도 답변이나 연락을 받지 못했다.
전자제품은 확실히 비싼 것이 좋음은 말할 필요가 없는 것 같다. RN524X 제품은 좋은 성능을 보여줄 것 같지만 가격은 많이 부담스럽다.
Response to Qlocker Ransomware Attacks: Take Actions to Secure QNAP NAS
Taipei, Taiwan, April 22, 2021 – QNAP® Systems, Inc. (QNAP), a leading computing, networking and storage solution innovator, today issued a statement in response to recent user reports and media coverage that two types of ransomware (Qlocker and eCh0raix) are targeting QNAP NAS and encrypting users’ data for ransom. QNAP strongly urges that all users immediately install the latest Malware Remover version and run a malware scan on QNAP NAS. The Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version as well to further secure QNAP NAS from ransomware attacks. QNAP is urgently working on a solution to remove malware from infected devices.
QNAP has released an updated version of Malware Remover for operating systems such as QTS and QuTS hero to address the ransomware attack. If user data is encrypted or being encrypted, the NAS must not be shut down. Users should run a malware scan with the latest Malware Remover version immediately, and then contact QNAP Technical Support at https://service.qnap.com/.
For unaffected users , it's recommended to immediately install the latest Malware Remover version and run a malware scan as a precautionary measure. All user should update their passwords to stronger ones, and the Multimedia Console, Media Streaming Add-on, and Hybrid Backup Sync apps need to be updated to the latest available version. Additionally, users are advised to modify the default network port 8080 for accessing the NAS operating interface. Steps to perform the operation can be found in the information security best practice offered by QNAP (https://qnap.to/3daz2n). The data stored on NAS should be backed up or backed up again utilizing the 3-2-1 backup rule, to further ensure data integrity and security.
QNAP Product Security Incident Response Team (PSIRT) constantly monitors the latest intelligence to deliver up-to-date information and software updates, ensuring data security for users. Once again, QNAP urges users to take the above-mentioned actions and periodically check/install product software updates to keep their devices away from malicious influences. QNAP also provides the best practice for improving personal and organizational information security. By working together to fight against cybersecurity threats, we make the Internet a safer place for everyone.
About QNAP Systems, Inc.
QNAP (Quality Network Appliance Provider) is devoted to providing comprehensive solutions in software development, hardware design and in-house manufacturing. Focusing on storage, networking and smart video innovations, QNAP now introduce a revolutionary Cloud NAS solution that joins our cutting-edge subscription-based software and diversified service channel ecosystem. QNAP envisions NAS as being more than simple storage and has created a cloud-based networking infrastructure for users to host and develop artificial intelligence analysis, edge computing and data integration on their QNAP solutions.
I received a call from an unknown company's representative. We were introduced by someone else.
The reason for calling is, It was because the existing PC-lass server was broken, and data was blown and a new server was required. The server has already been quoted (HP ML350 / KRW 7.9 million), but the problem was the maintenance of the server. Since they were not familiar with the server, they have a burden not only in the server management itself, but also in everything such as account, operation, and backup. They who gave the estimation said that maintenance was not possible at the place, so they looked for a company that could maintenance and finally contacted us.
I asked if they don't need to operate Active Directory through Windows Server in their company because it seems that the management burden seems to be heavy, and we recommended that they build a NAS that is somewhat easy to maintain and manage hardware.
They reviewed it and finally decided to proceed with our suggestion.
The condition was that using about 40 people, mainly drawing data. It was suggested as a model with the following specifications. Currently, the total data is about 2TB.
NAS Hardware
We decided to proceed with two units of NAS. It was decided to use the main NAS for the main data storage and regularly back up the data to the backup NAS as it is.
The main NAS is all accessible in-house and has been set to use snapshots against ransomware. The backup NAS is set up for sync back up with the main and only administrators can access it.
The main TVS-x71 model has some really coveted specs. All-around player. Backup TS-453 Pro is a specification that can really be faithful to backup.
TEST Operation
This is a test operation.
The HDD is configured for NAS only, with 4 x 2TB and RAID5.
Dashboard after login
Backup NAS consists of 4 x 2TB for Enterprise HDD and RAID5.
Although not shown in the picture, we also installed two APC UPS SMT750Is. A UPS is the must thing for NAS.
After installation, we provide simple instruction on how to use, and we also checked the operation of the UPS. As a precaution, HDDs can fail after 3 years, so I instructed them to go around to see if the red light on the NAS HDD is lit. We also guided them about disk HOTSWAP.
We had some inquiries during the operation after installation, so we provided additional guidance by phone and email.