Backups of backups
-
I suppose it makes sense that an IT professional would want the NHS to spend more of its budget on IT professionals. Me, I want them to spend ALL their money on making people well. When the people who distributed this malware are caught, let's hope that they are given life sentences for it. An object lesson needs to be taught: Go ahead and be an @rsehole, but certain things are off-limits.
I wanna be a eunuchs developer! Pass me a bread knife!
Mark_Wallace wrote:
When the people who distributed this malware are caught, let's hope that they are given life sentences for it.
Hell, NO! Hacking a system that involves human safety (medical, air traffic control, first-responder communications, and so on) ought to be a felony. If a person dies as a consequence of the hack, it ought to be prosecuted as first-degree murder, with a mandatory maximum possible sentence allowed under the law. If that sentence dictates capital punishment, all the better. I want their heads mounted on pikes outside the castle walls as a warning to others.
Software Zen:
delete this; -
It's hard to imagine. If I lost our primary source control server, I could have us back up and working in less than an hour. If I lost all three servers it would take a day to build a box(*) and get everything installed. Anything more serious than that would suggest building damage (fire, tornado, etc.) that would mean far more significant problems. (*) All three of my current servers are recycled server-class industrial PC's from our products. I have a pile of these machines in my lab called the Island of Misfit Toys ;), all of them functional. If I had the time, I'd love to create a distributed build system. Our current build process takes 30-90 minutes, depending upon the product and which server is running the build. With a distributed process, I could probably get that down to under 10.
Software Zen:
delete this;This one system runs on servers spread across 3 cities (for technical reasons). We just this month moved 5 racks of data processing from the 3rd floor of this building to a new datacenter on the 2nd floor. This took 2 YEARS of planning. We just finished the move this month (with no loss of service).
-
We don't have any life-critical data on our little home network, but I keep full backups of our data on air-gapped drives. Then I also backup some important data to DVDs that cannot be corrupted. I cannot help but wonder: Hospitals and other medical institutions have very critical data. How can they not keep regularly updated backups on safe media, out of reach of Ransom viruses? It just seems extremely negligent to me.:confused:
Get me coffee and no one gets hurt!
The first rule of security is, you don't "talk about it" (your measures). I use 3 levels: 1) Extra local drive (D) 2) External drive 3) Cloud storage. Most acquaintenances I steer to cloud storage (PC and Mac) for their photos and the like.
"(I) am amazed to see myself here rather than there ... now rather than then". ― Blaise Pascal
-
Don't start sleeping yet - Europol pointed out that the real fun will be Monday, when all those "turned off for the weekend" computers are booted up... :~
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay... AntiTwitter: @DalekDave is now a follower!
Except the virus stopped spreading when a random domain name was registered, as the virus assumes it is being run in a an analysis sandbox. They are keeping the domain up. Assuming the hackers don't start a DOS attack against it (my fear).
-
This one system runs on servers spread across 3 cities (for technical reasons). We just this month moved 5 racks of data processing from the 3rd floor of this building to a new datacenter on the 2nd floor. This took 2 YEARS of planning. We just finished the move this month (with no loss of service).
When I worked at DOW Chemical I was introduced, as an intern, to the Disaster Recovery Plan they had. Their backups go offsite. They rent a virtual offsite location year round. Quarterly they test their restore process, and TIME IT. When you are dealing with this much data, and tens of thousands of shipments coming into various ports throughout the world, this gets serious. They update their documentation on when people have to be on planes to fly to one of the few restore centers, and had fallback plans for emergency leasing of jets, and people driving!!! My first question, after realizing that MANY companies pay this same company for these services, and access to their mainframes, etc.... "What happens if many companies get hit at the same time?" The answer was "The risks of that are LOW, but they can handle up to 3 companies at once". Which is incredibly rare. (And the lesson of the last 25 years... UNTIL IT ISNT) This outbreak brought back those two memories. Having worked for companies that CANNOT REASONABLY complete a "backup" in 24 hrs, think of your exposure. Just hope it never spreads through bitcoin :-)
-
Mark_Wallace wrote:
When the people who distributed this malware are caught, let's hope that they are given life sentences for it.
Hell, NO! Hacking a system that involves human safety (medical, air traffic control, first-responder communications, and so on) ought to be a felony. If a person dies as a consequence of the hack, it ought to be prosecuted as first-degree murder, with a mandatory maximum possible sentence allowed under the law. If that sentence dictates capital punishment, all the better. I want their heads mounted on pikes outside the castle walls as a warning to others.
Software Zen:
delete this;All I can say is that you guys are going easy on them... the sad part is that this goes back to the NSA!
-
Except the virus stopped spreading when a random domain name was registered, as the virus assumes it is being run in a an analysis sandbox. They are keeping the domain up. Assuming the hackers don't start a DOS attack against it (my fear).
A DDOS shouldn't do it in theory, since it's the IP it looks for (apparently) - which comes back from the DNS lookup rather than the domain itself.
Bad command or file name. Bad, bad command! Sit! Stay! Staaaay... AntiTwitter: @DalekDave is now a follower!
-
We don't have any life-critical data on our little home network, but I keep full backups of our data on air-gapped drives. Then I also backup some important data to DVDs that cannot be corrupted. I cannot help but wonder: Hospitals and other medical institutions have very critical data. How can they not keep regularly updated backups on safe media, out of reach of Ransom viruses? It just seems extremely negligent to me.:confused:
Get me coffee and no one gets hurt!
I remember when well-meaning and trusted IT professionals took rolls of backup-tape home with them for off-site storage because the company WOULDN'T PAY for off-site backup. I don't remember any adverse effects ... and that's not because my memory is shot. Of course, back then people didn't know how to "monetize" other folks' data!
-
I remember when well-meaning and trusted IT professionals took rolls of backup-tape home with them for off-site storage because the company WOULDN'T PAY for off-site backup. I don't remember any adverse effects ... and that's not because my memory is shot. Of course, back then people didn't know how to "monetize" other folks' data!
It seems to me a big part of today's problem is that companies are too stingy to pay for proper backup facilities and procedures (and possibly personnel), to cover the kind of eventuality that we saw this past week. If so, they get what they deserve!
Get me coffee and no one gets hurt!
-
We don't have any life-critical data on our little home network, but I keep full backups of our data on air-gapped drives. Then I also backup some important data to DVDs that cannot be corrupted. I cannot help but wonder: Hospitals and other medical institutions have very critical data. How can they not keep regularly updated backups on safe media, out of reach of Ransom viruses? It just seems extremely negligent to me.:confused:
Get me coffee and no one gets hurt!
First thing: Minimum budget. Second thing: Many people who work in medical institutions dont know or dont care about cybernetic security at all. Last thing: Many people think that they had a paid version of a famous anti virus will help protect them from anything, even electrical leak.
-
I remember when well-meaning and trusted IT professionals took rolls of backup-tape home with them for off-site storage because the company WOULDN'T PAY for off-site backup. I don't remember any adverse effects ... and that's not because my memory is shot. Of course, back then people didn't know how to "monetize" other folks' data!
I still take my nightly backup on LTO-6 tape each evening. Two weeks of tape on a rotating basis gives me 10 days I can go back in case of infection Stupidity.
-
We don't have any life-critical data on our little home network, but I keep full backups of our data on air-gapped drives. Then I also backup some important data to DVDs that cannot be corrupted. I cannot help but wonder: Hospitals and other medical institutions have very critical data. How can they not keep regularly updated backups on safe media, out of reach of Ransom viruses? It just seems extremely negligent to me.:confused:
Get me coffee and no one gets hurt!
Simple. Make a backup and place it into a fireproof safe. Then make a second backup in case there is a fire in the fireproof safe. (Source: Hogans Heros.)
