Buffalo’s Statement on NAS Security for Standard Ransomware Protection


Press Releases Jun 23, 2022

Recently, it has been reported that some branded NAS devices have come under attack by certain ransomware strains, including eCh0raix, DeadBolt, and Checkmate. Several of these ransomware strains are well known, having been frequently used in continuous attacks over the past three years, and so far there has been little information regarding the specific vulnerability that the attackers are exploiting.

Buffalo would like to assure our partners and customers that our NAS products are currently not affected by the eCh0raix, DeadBolt, and Checkmate ransomware strains, and that we will continue to monitor the situation and provide updates to better protect our customers. While we haven’t seen any such attacks on our devices, we stress that potentially affected users should take precautions to follow NAS security best practices and recommendations to avoid having their files compromised. We will gladly take any opportunity to discuss the best way to configure your system for maximum security.

We always recommend using VPN connections for your network, secured by strong passwords and multi-factor authentication, rather than direct access. For systems that must be on the Internet directly, such as SFTP servers, setting up whitelisting on your firewall is ideal, and always enable SSL for secure system logins. No systems should be allowed admin rights from the Internet regardless of setup. Please visit our website for instructions on configuring your LinkStation or TeraStation for maximum security.

Other NAS security best practices include:

Keep Strong Passwords: Always change the default password for the administrator account, or create a new admin account, and use a strong password to prevent attackers from brute-force guessing the login password.

Keep Everything Updated: You should regularly receive notifications when firmware updates are available for your NAS. Updates provide fixes that close discovered security vulnerabilities. Immediately installing available updates for your NAS (and any applications installed on the NAS) can keep your device secure. Click here for instructions on how to update firmware for your Buffalo NAS.

Only Enable Necessary Features/Ports: Buffalo NAS supports several file management and access services such as SSH and SMB that are accessible over the Internet. To reduce the potential attack surface available to a hacker, you should disable all services and ports you don’t use. Click here for instructions on how to configure the network port for Internet traffic and limit it to the minimum required access while administering it from a second network port only accessible internally.

As a leading manufacturer of network storage with over 40 years of industry experience, Buffalo takes data security very seriously, which is why we work with MSPs to make sure they provide their customers with NAS purpose-built for data protection. We urge you to take proper precautions in maintaining security of your data and systems, and to contact us if you have any questions.