Pompeyexile Update… Having had some response from Qnap on how to retrieve my files I have had to buy a higher capacity external hard drive to connect to my NAS on which to hopefully put the restored files. It seems the old 2TB one I have is not big enough. So, I’ve got an 8TB WD MyBook which should be here tomorrow (Monday).
Do you know by any chance how the hackers got in to your NAS? Do you think you did something silly like leaving the door open (not disabling the default or guest administrator account or choosing a very easy password, or not enabling basic security in some way), or did you do all the obvious things and got broken in by sophisticated professionals who could steal the crown jewels?
I have read the tread with interest (and some panic), and hoping I can learn from your experience so I don’t have the same problem on my Synology. I don’t have much more knowledge than you, so went to see the basic security reports that are build in to the NAS. I disabled the default admin when I first set up the NAS, and now I turned on the Firewall, enabled auto-block for too many failed log-in attempts and enabled Denial-of-service protection. When I run the built-in security report everything looks dandy. I also added two-factor verification for the administrator account as a result of reading this thread - but is this enough?
I see suggestions here to not connect the NAS to the internet, but not sure exactly what this means. I access my files, share photos with family and use UPnP to play music over the internet from the NAS - that is part of the point of having it, is it not? By doing this, am I inviting hackers in to hack me with ransomware, or does the advise to disconnect from the internet means something else? Would love to know if I am reasonably protected or not.