Hackers destroy website - apparently permanently
-
News Here[^] Amazing thing for me was "The attack took down the site's two servers and the owners had not established an external backup system. " The site had been going for 13 years! With no backup! Even MY backup regime is better than that (not much, but it is better!)
___________________________________________ .\\axxx (That's an 'M')
Think calling them morons etc is to say the least unfair. I for one have sympathy for them, they are the victims of a criminal attack - if you fall victim of a crime it’s not you that has done wrong. Locking doors and having insurance is a (very) good idea - unfortunately their locks were too weak and the insurance company got hit (second server). No one can say their system is a 100% safe - yes you might back up your server, but what happens if the backups get destroyed, say by an upset employee etc., there is always a risk. We just choose the level of risk we are prepared to accept or can pay for. Backing up web sites is harder than backing up an office server, often you don't have access to a physical machine, its either co-located or a 'virtual server' somewhere, perhaps even one that you can't physically get to, implying the backup is over the internet - yuk! Also its the loss to the aviation simulation community - as someone else said there's a 'special place in hell' for this hacker and hopefully one that will be taken up very soon....!
-
Maybe they could use this: http://warrick.cs.odu.edu/[^]
-
They should stop blaming hackers and start looking at how they were morons for not backing up code since the 90s. Thinking about this is like my parents on a computer and they get a virus and it wipes out there stuff, then they ask me can you get it back and i tell them NO... sorry you should of backed up your system. Morons... :thumbsdown:
KISS "Keep It Simple, Stupid"
Age: 0 - 9. Parents are the fount of all knowledge and as wise as Solomon Age: 10 - (variable). Parents are the most stupid people ever to have walked the earth. Age: (variable) - end. Turns out, parents really were the wisest, most intelligent people ever, and I do mean EVER!
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
I wonder if Google's webpage cache could help resurrect the website... It would probably be a nightmare... Might be better to start from scratch...
My thoughts as well.
Software Kinetics - Moving software
-
Think calling them morons etc is to say the least unfair. I for one have sympathy for them, they are the victims of a criminal attack - if you fall victim of a crime it’s not you that has done wrong. Locking doors and having insurance is a (very) good idea - unfortunately their locks were too weak and the insurance company got hit (second server). No one can say their system is a 100% safe - yes you might back up your server, but what happens if the backups get destroyed, say by an upset employee etc., there is always a risk. We just choose the level of risk we are prepared to accept or can pay for. Backing up web sites is harder than backing up an office server, often you don't have access to a physical machine, its either co-located or a 'virtual server' somewhere, perhaps even one that you can't physically get to, implying the backup is over the internet - yuk! Also its the loss to the aviation simulation community - as someone else said there's a 'special place in hell' for this hacker and hopefully one that will be taken up very soon....!
When it comes to backing up web servers its ridiculous to think using the other web server is going to help. If a hacker gets in they'll get both servers, If the data center has a power spike you'll probably fry all the hdds in the rack....off site backups have always been a must even if its random one a day FTP to a machine off site its really not hard costs nothing and although won't give 100% back ups it will stop you loosing 13 years worth of stuff.
-
News Here[^] Amazing thing for me was "The attack took down the site's two servers and the owners had not established an external backup system. " The site had been going for 13 years! With no backup! Even MY backup regime is better than that (not much, but it is better!)
___________________________________________ .\\axxx (That's an 'M')
Maxxx_ wrote:
The site had been going for 13 years! With no backup!
Technically, you're wrong. They were backing up between servers. Not having an off-site backup is a "bad thing" (tm), as is proven here.
"Why don't you tie a kerosene-soaked rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt, 1997
-----
"...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001 -
I wonder if Google's webpage cache could help resurrect the website... It would probably be a nightmare... Might be better to start from scratch...
My GUID: ca2262a7-0026-4830-a0b3-fe5d66c4eb1d :) Now I can Google this value and find all my Code Project posts!
-
When it comes to backing up web servers its ridiculous to think using the other web server is going to help. If a hacker gets in they'll get both servers, If the data center has a power spike you'll probably fry all the hdds in the rack....off site backups have always been a must even if its random one a day FTP to a machine off site its really not hard costs nothing and although won't give 100% back ups it will stop you loosing 13 years worth of stuff.
Agree 'No if or buts' an offsite backup is the best. However there are a lot of websites that use servers that the owners do not have physical access to. So its an FTP jobby, and if your offsite location has only a slow internet link, you can understand the problem! Be a bit worried about a commercial data center that had a risk of a power spike taking out racks of client machines!
-
News Here[^] Amazing thing for me was "The attack took down the site's two servers and the owners had not established an external backup system. " The site had been going for 13 years! With no backup! Even MY backup regime is better than that (not much, but it is better!)
___________________________________________ .\\axxx (That's an 'M')
Seems like everybody is complaining/blaming the site owner's lack of planning but no one is talking about the moron hacker(s) who took down the site? Wonder if the hacker can be identified/located and may be he/she has the backup to restore the site? (before he goes to jail :) Anybody knows anything about the bad guy?
-
Think calling them morons etc is to say the least unfair. I for one have sympathy for them, they are the victims of a criminal attack - if you fall victim of a crime it’s not you that has done wrong. Locking doors and having insurance is a (very) good idea - unfortunately their locks were too weak and the insurance company got hit (second server). No one can say their system is a 100% safe - yes you might back up your server, but what happens if the backups get destroyed, say by an upset employee etc., there is always a risk. We just choose the level of risk we are prepared to accept or can pay for. Backing up web sites is harder than backing up an office server, often you don't have access to a physical machine, its either co-located or a 'virtual server' somewhere, perhaps even one that you can't physically get to, implying the backup is over the internet - yuk! Also its the loss to the aviation simulation community - as someone else said there's a 'special place in hell' for this hacker and hopefully one that will be taken up very soon....!
At one time, I worked for a company where: (a) Every machine was backed up, every day. (b) Weekly, selected tapes from each machine were taken to a bank to be placed in safe deposit by the owner. (c) New tapes were purchased regularly, and old tapes were removed from use. (d) Every full version of the software was archived to tape and that version was kept FOREVER. This was an easy regimen when hard disks were no more than 40MB. It got more difficult as disks began to increase in size past 100MB. Now, for most folks we're talking about 40GB, minimum. However, we have things like portable USB drives with 500GB-1.5TB storage, so rotations can still be done. However, how many actually do it without a CIO staring over their shoulder?
-
Seems like everybody is complaining/blaming the site owner's lack of planning but no one is talking about the moron hacker(s) who took down the site? Wonder if the hacker can be identified/located and may be he/she has the backup to restore the site? (before he goes to jail :) Anybody knows anything about the bad guy?
I haven't see any details about the attack itself, but since permanently destroying a site doesn't really serve any purpose unless you're seeking revenge, my suspicion is that the servers were infected with encrypting extortionware. RSA128 is basically uncrackable (if the NSA or any of their peers have figured out a way, you can be sure they'll never share); which leaves the victims helpless if they don't pay up. :doh:
It is a truth universally acknowledged that a zombie in possession of brains must be in want of more brains. -- Pride and Prejudice and Zombies
-
I haven't see any details about the attack itself, but since permanently destroying a site doesn't really serve any purpose unless you're seeking revenge, my suspicion is that the servers were infected with encrypting extortionware. RSA128 is basically uncrackable (if the NSA or any of their peers have figured out a way, you can be sure they'll never share); which leaves the victims helpless if they don't pay up. :doh:
It is a truth universally acknowledged that a zombie in possession of brains must be in want of more brains. -- Pride and Prejudice and Zombies
Possible could be extortion - if so hacker can be caught, if not I wonder if the site was totaly destoyed - did the hacker really bother to use a secure disk wipe - suspect not! Hacker must have been familar with site, as he knew of the second server - inside job?
-
Possible could be extortion - if so hacker can be caught, if not I wonder if the site was totaly destoyed - did the hacker really bother to use a secure disk wipe - suspect not! Hacker must have been familar with site, as he knew of the second server - inside job?
... or both servers were connected to the net in a load sharing setup, or the attacker used a worm that spread from the one directly on the net to the second automatically.
It is a truth universally acknowledged that a zombie in possession of brains must be in want of more brains. -- Pride and Prejudice and Zombies
-
Computers were not there at their time, so they are not morons for not knowing the difference between right and left click. Talking of that, your parents could have known them all if you had taught them. I can see your child calling you a moron sometime in the future... :rolleyes:
It is a crappy thing, but it's life -^ Carlo Pallini
-
Think calling them morons etc is to say the least unfair. I for one have sympathy for them, they are the victims of a criminal attack - if you fall victim of a crime it’s not you that has done wrong. Locking doors and having insurance is a (very) good idea - unfortunately their locks were too weak and the insurance company got hit (second server). No one can say their system is a 100% safe - yes you might back up your server, but what happens if the backups get destroyed, say by an upset employee etc., there is always a risk. We just choose the level of risk we are prepared to accept or can pay for. Backing up web sites is harder than backing up an office server, often you don't have access to a physical machine, its either co-located or a 'virtual server' somewhere, perhaps even one that you can't physically get to, implying the backup is over the internet - yuk! Also its the loss to the aviation simulation community - as someone else said there's a 'special place in hell' for this hacker and hopefully one that will be taken up very soon....!
Don't disagree really, but hell, if you are going to live in a dangerous place, teeming with criminals with burglary tools (the internet) but you leave your windows open and only insure your building not contents, then you're a gambler - and when gamblers lose I don't have sympathy.
___________________________________________ .\\axxx (That's an 'M')
-
Age: 0 - 9. Parents are the fount of all knowledge and as wise as Solomon Age: 10 - (variable). Parents are the most stupid people ever to have walked the earth. Age: (variable) - end. Turns out, parents really were the wisest, most intelligent people ever, and I do mean EVER!
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
Think calling them morons etc is to say the least unfair. I for one have sympathy for them, they are the victims of a criminal attack - if you fall victim of a crime it’s not you that has done wrong. Locking doors and having insurance is a (very) good idea - unfortunately their locks were too weak and the insurance company got hit (second server). No one can say their system is a 100% safe - yes you might back up your server, but what happens if the backups get destroyed, say by an upset employee etc., there is always a risk. We just choose the level of risk we are prepared to accept or can pay for. Backing up web sites is harder than backing up an office server, often you don't have access to a physical machine, its either co-located or a 'virtual server' somewhere, perhaps even one that you can't physically get to, implying the backup is over the internet - yuk! Also its the loss to the aviation simulation community - as someone else said there's a 'special place in hell' for this hacker and hopefully one that will be taken up very soon....!
I'm not massively involved in web development - I run some websites but they're not much to speak of (and in some cases, inherited). BUT: Now that I've a DLink DNS-323 NAS, it will do scheduled ftp backups for me - and it does. Even for those hosted free, on Yahoo! (for now, at least), I keep the equivalent of a backup: all the development is on my PC, copies uploaded when changed. I will be recreating that site on an ftp capable site - I have the source. So - one can have sympathy for innocents who are victims of Heartless Hackers, but people managing a server for a decade or more? Are they so insular in their flight simulator that they don't keep a true external copy of their source data (and history, for that matter) ? ? Sympathy is well spent on victims - but these people victimized themselves. One may shake their head, but more in disbelief than sympathy. (Oh, my heart has indeed turned to stone).
"The difference between genius and stupidity is that genius has its limits." - Albert Einstein
"How do you find out if you're unwanted if everyone you try to ask tells you to stop bothering them and just go away?" - Balboos HaGadol"It's a sad state of affairs, indeed, when you start reading my tag lines for some sort of enlightenment. Sadder still, if that's where you need to find it." - Balboos HaGadol
