QNAP Security Alert

We’ve got many clients with QNAP NAS servers (Network Attached Storage) – if this applies to you, then please read on for an important security update.

We have been actively protecting our clients’ servers from virus and malware attacks over the last two weeks. The first news regarding a virus specifically targeting QNAPs came during the first weekend of November, and there have been multiple subsequent warnings. The virus, called QSnatch, is designed to steal user logins and passwords, amend scheduled tasks (such as backups and virus scans), and prevent security updates and virus scans. In short, this puts your business data at risk – and now that one virus has been developed to target QNAPs, you can be sure that more will follow.

As we received the warning out of business hours, Graham took the decision to update all the QNAP servers that we have access to, to protect them.  The updates we made were to:

  • Turn off the default “admin” login
  • Set up a GMT administrative login with dual factor authentication (password plus phone code)
  • Install malware protection (free QNAP utility)
  • Turn off unused services such as FTP, SSH and VPN (will vary per client)

In addition to these changes, we also ran anti-virus and anti-malware scans to check the systems were clean, and updated all the system firmware and applications.  The latest QNAP firmware is specifically designed to protect against the QSnatch virus.

Over the last two weeks there have been three of these firmware updates, each of which requires rebooting the server, checking any backup has completed, and then installing the update, which then requires a second reboot. All of these changes have been done outside office hours, to ensure your access to your files has not been interrupted. Each server takes 30 minutes to complete the above system and application updates – so far this month, it has taken around 2 hours per server. Up until now, we have done this as part of your QNAP backup plan or IT support contract. Unfortunately, as updates are getting more frequent and complex, we cannot afford to continue this as effectively unpaid work.

If you have a QNAP backup contract with us, this provides you with rented storage space on our servers, for your QNAP server to back up to.  It also includes a monthly check that the backup has completed according to the QNAP logs.  It does not include software updates, virus-checking of the server, individual file level backup testing, restoring of files or guarantee against loss or corruption of files (e.g. if a file is corrupted on your server, the backed up copy on our server will also be corrupted).

We are now offering a QNAP management service, which includes a weekly check of system and firmware updates, and a virus and malware check, for £20 per month plus VAT – that’s just £5 per week.  All updates will be tested on our own QNAP servers prior to being rolled out to clients, to ensure they do not cause any problems.

If you don’t currently have a QNAP backup contract, this is available for £10 per month plus VAT (payable 6-monthly or yearly, or monthly if the backup and management services are taken together).

Alternatively, we can train up to two people in your company to check and update your server. This will be a one-off cost of £50 + VAT for the training session, including two remote support calls.

If you have any questions, please do let us know.  If you would like to read more about the QNAP viruses, please see these websites:

https://www.zdnet.com/article/thousands-of-qnap-nas-devices-have-been-infected-with-the-qsnatch-malware/

https://www.bleepingcomputer.com/news/security/qnap-warns-users-to-secure-devices-against-qsnatch-malware/