I think you're un-neighbourly. Yes, they could slow the network down streaming HD TV on multiple devices, but worrying about anything else is unrealistic.
"So they download something dodgy and you can't prove it's not you?"
a) you don't have to. That's the wonderful thing about our legal system.
b) there are very clever people and very technical ways to find out who downloaded and accessed what, where and when.
Collaborate
You could limit the access to your NAS in about 20 seconds. Maybe 5 minutes if you needed to watch a youtube video to learn how first.
Also it makes all the computers on your network vulnerable to a hack.
Nonsense.
Rainbunny
Do you know what brute-forcing means? Why would they do that inside the network as opposed to doing it to the network.
//-----------
The real people who have anything to worry about here are the nieghbours.
I was a speaker about a similar subject at a conference a couple of years ago. To make a point, I set up a free, open and appropriately named wifi hot spot in the morning. I was first to talk in the afternoon and showed (anonymized) data on a 20' x 20' screen showing who had accessed what sites and when and other data like usernames and passwords in the morning. Hundreds of people! It had portal page where people chose a username, supplied and email address and a password to access the wifi. This wasn't stored but could have been. I asked the room who had used the password for their email address and there was a quiet shuffling of feet. They realised they'd theoretically given me email addresses and linked passwords.
Even in a room of IT professionals, the consequences of joining an untrusted network had passed them by.
tl;dr
Be wary of joining networks. With a few minutes of learning, you can set up security properly so that you can allow neighbours to access it for the short term without worrying.
You should limit access and folder properties anyway. On the NAS drive mentioned by a PP, you don't want anyone to have edit permissions anyway.