- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Hi all,
As self-hosting is not just “home-hosting” I guess this post should also be on-topic here.
Beginning of the year, bleeping-computers published an interesting post on the biggest cybersecurity stories of 2023.
Item 13 is an interesing one. (see URL of this post). Summary in short A Danish cloud-provider gets hit by a ransomware attack, encrypting not only the clients data, but also the backups.
For a user, this means that a senario where, not only your VM becomes unusable (virtual disk-storage is encrypted), but also the daily backups you made to the cloud-provider S3-storage is useless, might be not as far-fetches then what your think.
So … conclussion ??? If you have VMs at a cloud-provider and do daily backups, it might be usefull to actually get your storage for these backups from a different provider then the one where your house your VMs.
Anybody any ideas or remarks on this?
You must log in or register to comment.
Easy, I always mirror my cloud. My setting is: cloud is extern and in my network there is always the same copy of everything on a simple smb-nas.
-
My house burns to the ground (or easier, the NAS is broken) = online backup
-
The online provider got hacked = No problem, I have an backup at home.
-
The hackers burned my house down at the same time they killed my cloud = Well fuck.
PS. Since the most syncs are going directly to the cloud its just an rclone cronjob every night to backup everything on the NAS.
-
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I’ve seen in this thread:
Fewer Letters More Letters DNS Domain Name Service/System IP Internet Protocol NAS Network-Attached Storage NAT Network Address Translation
4 acronyms in this thread; the most compressed thread commented on today has 5 acronyms.
[Thread #410 for this sub, first seen 8th Jan 2024, 07:45] [FAQ] [Full list] [Contact] [Source code]
haha
“the cloud” does not change the fact that if you data does not reside in 2 physical locations you do not have a backup.
so yes, standard practices that have existed… well, since the beginning, still apply.
Well, the issue here is that your backup may be physically in a different location (which you can ask to host your S3 backup storage in a different datacenter then the VMs), if the servers themselfs on which the service (VMs or S3) is hosted is managed by the same technical entity, then a ransomware attack on that company can affect both services.
So, get S3 storage for your backups from a completely different company?
I just wonder to what degree this will impact the bandwidth-usage of your VM if -say- you do a complete backup of your every day to a host that will be comsidered as “of-premises”
if you backup your vm data to the same provider as you run your vm on you don’t have an ‘off-site’-backup, which is one criteria of the 3-2-1 backup rule.
Dammit, I came here hoping to see at least one “I have a very special set of skills.” Oh well.
Yeah I’d cut bait, rebuild from latest tapes. But also…
I’d put the corrupted backups in an eye-catching container, like a Lisa Frank backpack or Barbie lunchbox, to put on the wall in my office as a cautionary tale.
deleted by creator
So … conclussion ???
Have backups.
Only 2 copies of your data stored in the same place isn’t enough, you want 3 at minimum and at least 1 should be somewhere else.
What if the data is leaked/compromised?
