For those not aware of it, NAS is awesome, but as Tony said, not without it's issues too. Especially when always online, as most will probably be with default settings nowadays.

Many NAS brands have in recent months been affected by ransomware, some more than others AND multiple times. Quite easy to avoid, simply by maintaining updated firmwares and software(apps).

The most prevalent ransomware affecting NASes in the past couple years has been 'Deadbolt', which just encrypts all your files.

I recently had a mate that was affected by this on his Asustor. Luckily his NAS was his secondary backup point, his main being a drive on his PC, so it was trivial to restore all his files.
Took a while to figure out what happened exactly, and he missed the ransom note on his NAS .. but in the end turned out all ok with his restoration.

Some of us use NASes in different ways .. not just backup locations. For example I (used too) use mine mainly for backed up movies, and when connected to the TV, the kids used to be able to watch their movies more easily.
I personally don't use these services myself, but the main point here being the services running on the NAS. This is where the vulnerabilities come from.
All NASes run services, and the fewer that are running, the more secure the NAS is.

For example: I have a QNAP NAS, and the only superfluous service I used to run was it's app called Photostation. I used to run it primarily so it would index the files(again mainly photos) generate thumbnails, and I could manage the files without needing PC on. I could do it via the TV. It also had a viewing feature.
I've since removed photostation, due to lack of use, and once the index has been made, it's no longer needed anyhow. But the ability to show photos via the TV was kind'a handy for a short while, so I installed the safer Qmagie app(more secure).

The main point here is to be mindful of what services/apps running on the NAS.

And specifically for Brian here: you could have potentially saved a lot of "laptop on time" ... depending on what brand of NAS you have.
Many of them have an ""upload to cloud ability, in that you can backup your NAS to a cloud service too. That is, instead of backing up your files, and assuming that your NAS is a full backup of your files, you'd have a NAS backup routine enabled on the NAS, where it simply creates the backup for you on the fly.

As far as I'm aware, these ransomwares affecting NASes in recent times haven't affected the cloud service backed up files.

I don't really use cloud services to their fullest myself, but what I was thinking(as an example of how this NAS backup could work, would be to back the important stuff to (again just an example) .. Google drive(15Gigs). ... and another if you so desire .. thus making multiple locations of backed up stuff.

Another thing I DON'T do any more is to make two way syncs of files. Been bitten by that before, where I unwittingly backed up corrupted files to the NAS. While this isn't common nowadays .. it's always possible.

AND (I think finally) .. I'm pretty sure a NAS can be made to be both always online but partially offline too. That is, for protection of files from power surge type issues, you can individually turn HDDs on and off as you require.
This is what I do.
I don't use my NAS in the traditional sense by having RAID configs and stuff like that. I just use individual disks(JBOD) where each disk is it's own storage spot.
So my files are backed up to two drives, made identical every now and then.
I backup regularly to one drive(always on) and then ... eg couple of months, or yearly or whatever, the non active drive gets restarted .. backed up too and then turned off again.
Don't help if I have a break in and thieves steal the NAS itself .. but then again I'm thinking thieves aren't smart enough to know what a nondescript black box sitting in a dark corner, which is hard to find, unless you really look for it .. kind of thing.

Hope this makes sense .. and check your NASes(if you have them) for updates regularly.