• Nightwatch Admin@feddit.nl
    link
    fedilink
    English
    arrow-up
    74
    ·
    1 year ago

    Nice, another bunch of assholes out of business. Just one question: why the fk did they not have backups? They weren’t just wee little hateful bastards but stoopid on top too?

    • Unforeseen@lemmy.world
      link
      fedilink
      English
      arrow-up
      41
      ·
      edit-2
      1 year ago

      As someone who deals with this sort of thing, for ransomware and other destructive intrusions, the first thing they go for is the backups themselves.

      Companies that have an second backup copy that is seperate somehow so non-lateral movement isn’t possible are the ones that survive this level of breach.

      Or they could just be stupid (cheap) and didn’t have any lol

      • 50gp@kbin.social
        link
        fedilink
        arrow-up
        13
        ·
        1 year ago

        well they dealt in malware, perhaps they wanted the evidence to be easy to delete in case law enforcement decided to visit

        • evatronic@lemm.ee
          link
          fedilink
          English
          arrow-up
          8
          ·
          1 year ago

          Part of a good backup solution involves ensuring that it’s literally impossible for the “root” / “administrator” whatever user on the production system to delete the backups. For instance, were this AWS, it would be done by creating a separate AWS account and use IAM roles to provide access to a S3 bucket with the “DeleteObject” permission explicitly denied. Perhaps, even deny everything except something like PutObject, and ensure the target S3 bucket is versioned, so even overwriting the contents with garbage is recovered by restoring a previous version.

          But most businesses don’t think like that.

      • Nightwatch Admin@feddit.nl
        link
        fedilink
        English
        arrow-up
        3
        ·
        1 year ago

        I go for stupid &cheap, most people think backups is when onedrive and Microsoft reinforces that insane idea with popups).