Hi all,

As self-hosting is not just “home-hosting” I guess this post should also be on-topic here.

Beginning of the year, bleeping-computers published an interesting post on the biggest cybersecurity stories of 2023.

Item 13 is an interesing one. (see URL of this post). Summary in short A Danish cloud-provider gets hit by a ransomware attack, encrypting not only the clients data, but also the backups.

For a user, this means that a senario where, not only your VM becomes unusable (virtual disk-storage is encrypted), but also the daily backups you made to the cloud-provider S3-storage is useless, might be not as far-fetches then what your think.

So … conclussion ??? If you have VMs at a cloud-provider and do daily backups, it might be usefull to actually get your storage for these backups from a different provider then the one where your house your VMs.

Anybody any ideas or remarks on this?

(*) https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2023/

  • originalucifer@moist.catsweat.com
    link
    fedilink
    arrow-up
    12
    ·
    11 months ago

    haha

    “the cloud” does not change the fact that if you data does not reside in 2 physical locations you do not have a backup.

    so yes, standard practices that have existed… well, since the beginning, still apply.

    • kristoff@infosec.pubOP
      link
      fedilink
      English
      arrow-up
      5
      ·
      11 months ago

      Well, the issue here is that your backup may be physically in a different location (which you can ask to host your S3 backup storage in a different datacenter then the VMs), if the servers themselfs on which the service (VMs or S3) is hosted is managed by the same technical entity, then a ransomware attack on that company can affect both services.

      So, get S3 storage for your backups from a completely different company?

      I just wonder to what degree this will impact the bandwidth-usage of your VM if -say- you do a complete backup of your every day to a host that will be comsidered as “of-premises”

      • originalucifer@moist.catsweat.com
        link
        fedilink
        arrow-up
        4
        ·
        11 months ago

        yeah, you can use another cloud provider as backup… if you do it correctly.

        personally, my disaster recovery plans dont include entire offsite VMs. i only care about data in a dr situation. so you send incremental daily backups offsite.

        containers have made VMs even more irrelevant/ephemeral so focus on the data.

      • ErwinLottemann@feddit.de
        link
        fedilink
        English
        arrow-up
        2
        ·
        11 months ago

        if you backup your vm data to the same provider as you run your vm on you don’t have an ‘off-site’-backup, which is one criteria of the 3-2-1 backup rule.