The Most Attacked Devices in Consumer Homes: Network Attached Storage (NAS) Security Review

All posts

As evidenced by our latest annual cybersecurity report, network-attached storage (NAS) devices attract an outsized number of attacks. An average NAS device is targeted hundreds of times more often than the average computer of smartphone.

Chart shows the most and least attacked device types on average. Network-attached storage (NAS) devices, DVR, IP camera and baby monitor devices are the device types that face the most threats. Smartwatches, e-readers, game consoles, smart outlets and voice control devices are some of the safest devices. CUJO AI Labs data 2023
Which device types are under threat most and least often, on average

Overall, NAS devices make up a very small proportion of devices: device intelligence data on 1.7 billion consumer devices shows that just 0.02% are NAS devices, which makes it even more astounding that network attached storage devices are targeted by over 10% of all threats.

Chart shows which device types face the most threats in home networks protected by CUJO AI Sentry. Dekstop and laptop computers, IP cameras, smartphones, NAS devices and DVRs are targeted by close to 90% of all online threats to consumer devices. Note: this chart does not include device numbers. For data about average threats per device, see the full CUJO AI cybersecurity report. CUJO AI Labs data 2023
Device types targeted by the most online threats on home networks overall

No Such Thing as a Secure NAS?

Western Digital (WD) devices make up around half of all NAS devices in our data set and attract relatively few threats, but when we talk about overall threats to connected consumer devices, WD NAS devices are still targeted by a large number of attacks. Note: the two charts below show the top 25 brands by overall threats, which is why smaller NAS brands are not represented.

Now, if we look at network-attached storage devices, we’ll see that 97% of threats target just 5 device brands: Synology, QNAP, Seagate, Western Digital, and ASUSTOR.

Bar chart shows the overall security threat distribution for NAS devices. Synology NAS devices are targeted by 35.2% of threats, QNAP - by 27.7%, Seagate - by 20.2%, Western Digital (WD) - by 9.5%, Asustor - by 4.3%. Other brands of NAS attract 3% of attacks
The overall distribution of threats to NAS devices.

The chart above does not take into account the number of devices in the data set, so we can look at the NAS device threat index to determine which brands of NAS are the relatively most, and least, secure.


Bar chart with the threat index for 5 NAS brands. Asustor attracts the most threats per device on average, its threat index is 6.93, Seagate's - 5.99, QNAP's - 2.94, Synology's - 1.36. Western Digital has the lowest threat index at 0.20. The rest of NAS device brands have a total brand index of 0.28

Even though ASUSTOR NAS devices attract a small percentage of threats overall, its small device population makes it the most attacked NAS device brand. Western Digital devices have the lowest threat index among NAS device brands, making it the relatively safest of the most popular brands. Nevertheless, the overall brand threat index does show that Western Digital devices are still targeted a lot more often than the average connected device in a consumer’s home.

Why Aren’t NAS Devices More Secure?

There are a few reasons why NAS devices are targeted so often:

  • NAS devices are often configured to make them more susceptible to attacks: they need to have ports opened for the owner to access data when away from home. With ports 8080 and 443 open, NAS devices are easily noticed by attackers.
  • Users usually have to approve firmware upgrades, which adds significant delays to the patching process.


How CUJO AI Sentry Protects Every Device in the Home

CUJO AI Sentry is a machine-learning multi-layered cybersecurity solution that uses a combination of industry-leading threat intelligence and real-time analysis to block novel threats to all consumer devices on a protected network.

As most threats to IoT, including NAS, devices come from disreputable IP addresses, Sentry offers a few very efficient methods of protection. Our algorithms combine the highest quality threat intelligence sources with our real-life threat data from millions of Sentry deployments to block malicious attempts to remotely access NAS devices from disreputable IP addresses. Another protective layer prevents compromised NAS devices from participating in botnets or DDoS attacks.

On average, Sentry stops 8,112 threats every minute, 10.3% of which target network-attached storage devices. The largest network service providers partner with CUJO AI to provide their end-users (i.e., ISP customers) with robust AI-driven cybersecurity. Visit the ISP security hub for more data reports, articles, and useful insights.

NAS Brand Security


Asustor NAS Security

ASUSTOR NAS devices are the most attacked NAS devices, if we don’t count the discontinued Space Monkey devices. The brand has a relatively low number of active devices, which were targeted by DeadBolt ransomware last year. If you’re using ASUSTOR NAS devices, it’s a good idea to visit their product security advisory page and make sure you have the latest security updates installed on your devices.


Seagate NAS Security

Seagate has as sizeable NAS device population and, among the most popular brands is the most targeted device brand on average, according to our threat intelligence data. Quite a few famous hacks of this manufacturer’s devices has happened over the years, and we advise every Seagate NAS owner to check out their security advisory page to make sure they are using the latest patches.


QNAP NAS Security

QNAP NAS devices are also among the most attacked devices on average, with the latest critical security issue targeting a small number of devices reported as recently as February, 2023. For the latest security issues and patches, see QNAP’s security advisory page here.


Synology NAS Security

Synology devices are targeted by the most overall threats to NAS devices, but they have a larger population than most brands and are, on average, targeted more than four times less often than Asustor or Seagate devices. Nevertheless, a Synology NAS is still targeted over a hundred times more often than an average connected consumer device. As of writing this post, Synology has some unresolved issues, as well as several vulnerabilities fixed this year. For more, see Synology’s security advisory page.


Western Digital NAS Security

Western Digital (WD) is the least attacked NAS device brand on average. Nevertheless, WD has a sizeable device population overall, which is attacked quite often, as evidenced by the brand’s threat index: a WD NAS device is targeted by over 20 times more threats than an average connected device. Much like with any other NAS device brand, owners should follow their product security page to make sure they are on top of any severe vulnerabilities and security fixes.

More Data About Device Security – In the Report

Download the full consumer device cybersecurity report 2023 for more information about NAS and other device type security trends. To see a collection of articles and reports related to network service provider security, visit the ISP security hub.

Other posts by Labs

Cybersecurity IoT