
SoylentNews is people

posted by martyb on Thursday October 29 2015, @10:41AM
from the backups-just-do-it dept.

There is a particularly devious type of malicious software that locks users out of their own computer systems until an individual agrees to pay a ransom to the hackers. In these cases, the FBI has surprisingly suggested just ponying up the dough.

It's not the type of advice one would typically expect from the FBI, but that's exactly what was recommended by Joseph Bonavolonta, the assistant special agent in charge of the FBI's CYBER and Counterintelligence Program Boston office.

"The ransomware is that good," said Bonavolonta at the 2015 Cyber Security Summit in Boston, as quoted by Security Ledger. "To be honest, we often advise people just to pay the ransom."

https://www.rt.com/usa/319913-fbi-pay-ransomware-hackers/?utm_source=rss&utm_medium=rss&utm_campaign=RSS

Yeah, it's RT, but I did a search, and that or similar headlines popped up on dozens of news sites. I clicked a couple of them, and the stories match. Try this one,
https://thehackernews.com/2015/10/fbi-ransomware-malware.html

Personally, I can almost certainly afford to nuke and reinstall, unless they get my RAID array. Then - I'd have to think hard.


  • (Score: 0) by Anonymous Coward on Thursday October 29 2015, @01:35PM (#256003)

    If you have a proper backup, you can certainly afford losing everything on your RAID, exactly because you've got a backup of it. Just wipe the RAID and restore the backup. Nothing to think hard about.

    Well, except about the question on how they managed to hack your RAID. You definitely want to plug that hole.

  • (Score: 2) by Runaway1956 (2926) on Thursday October 29 2015, @01:59PM (#256014)

    Well, it appears that they can encrypt anything that you have read/write access to. So, that's how they would access my RAID.

    And, no, I don't have a full backup of my RAID. I would have to purchase a few hard drives to do that, along with an NAS of some type. Or, purchase space on some server in the cloud. I'm not a fan of the cloud though.

    The good news is - only one user has r/w access to the RAID. All other users have read access only.
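Added example, not part of any comment in this thread: the point above, that ransomware can encrypt anything the logged-in account can write to, turned into an audit of a storage tree. The function names, the sample layout and the hypothetical non-owner account are assumptions; the check models classic Unix mode bits only (no ACLs, no root, no read-only mounts). It also reports read-only files sitting in a writable directory, since those can still be unlinked and replaced.

```python
import os
import stat
import tempfile

def effective_bits(st, uid, gids):
    """rwx triplet that applies to uid under classic Unix rules (no ACLs, no root)."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 0o7
    if st.st_gid in gids:
        return (st.st_mode >> 3) & 0o7
    return st.st_mode & 0o7

def exposed_files(root, uid, gids):
    """Return {path: reason} for files a process running as uid could destroy.
    "overwrite": the file itself is writable. "replace": the file is read-only
    but its directory allows write+search, so it can be unlinked or renamed.
    """
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        dst = os.stat(dirpath)
        dir_mutable = (effective_bits(dst, uid, gids) & 0o3) == 0o3
        # Sticky directories only let the file owner or directory owner unlink.
        sticky_blocks = bool(dst.st_mode & stat.S_ISVTX)
        for name in files:
            path = os.path.join(dirpath, name)
            fst = os.lstat(path)
            if stat.S_ISREG(fst.st_mode) and effective_bits(fst, uid, gids) & 0o2:
                findings[path] = "overwrite"
            elif dir_mutable and not (sticky_blocks and uid not in (fst.st_uid, dst.st_uid)):
                findings[path] = "replace"
    return findings

def demo():
    """Constructed sample tree, audited for a hypothetical non-owner account."""
    layout = {"shared": (0o777, 0o444), "backup": (0o755, 0o444), "scratch": (0o755, 0o666)}
    with tempfile.TemporaryDirectory() as root:
        for name, (dir_mode, file_mode) in layout.items():
            path = os.path.join(root, name, "data.bin")
            os.mkdir(os.path.dirname(path))
            with open(path, "wb") as fh:
                fh.write(b"constructed sample data")
            os.chmod(path, file_mode)
            os.chmod(os.path.dirname(path), dir_mode)
        uid = os.getuid() + 1  # assumed account that owns nothing here, in no matching group
        found = exposed_files(root, uid, set())
        return {os.path.relpath(p, root): why for p, why in found.items()}

if __name__ == "__main__":
    print(demo())
```

Only the `backup` directory in the sample survives: its file is read-only and its directory gives the audited account no write permission.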

    • (Score: 2) by RedGreen (888) on Thursday October 29 2015, @03:13PM (#256060)

      Well you don't really care about your data then. Personally I have my main copy on a machine connected to the network when I turn it on, then a backup machine with a second copy, and lastly a third machine containing a backup if the backup fails. All using zfs RAIDz for data integrity checking. Now, I did skimp on the two backups, as they were re-used old machines left over from past upgrades and they do not use ECC ram in them for rock solid error handling. But they get the job done; the main backup machine has ECC ram in it.

      --
      "I modded down, down, down, and the flames went higher." -- Sven Olsen
      • (Score: 2) by Tramii (920) on Thursday October 29 2015, @04:22PM (#256088)

        >Well you don't really care about your data then.

        To be fair, we don't know how much data is on the RAID array. Sure, most people can easily fit all their important data into 1 TB, so they really have no excuse for not having an offline backup somewhere. But it could be that the OP has many many TBs of data (unlikely, but possible), and attempting to back everything up is simply financially unfeasible.

        • (Score: 2) by RedGreen (888) on Thursday October 29 2015, @04:56PM (#256105)

          If it is important enough to go out of your way to have it on a RAID then it is important enough to plan for the failure that will occur. Perhaps I am just too anal about it, but that is the way I go about it, having many years ago lost all my important stuff to them POS Seagate drives I had it on. What I do now is never have a drive that is over two years old holding my main copy; every year and a half or so I start the process of buying the new drives that will hold the new incarnation of my storage. Buying one every couple of months or so until I have enough to copy it all over, easy to do if you plan ahead and put aside the money to do it. Middle of next year I am due to start the process all over again, as the 4tb drives I bought earlier this year will by the end of next year be just about two years old, ready to go to secondary backup roles.

          --
          "I modded down, down, down, and the flames went higher." -- Sven Olsen
          • (Score: 2) by darkfeline (1030) on Friday October 30 2015, @12:22AM (#256286)

            >If it is important enough to go out of your way to have it on a RAID then it is important enough to plan for the failure that will occur.

            Actually no; this is one thing that most people get wrong. RAID is not for data protection, although it provides a tiny amount of protection as a side effect: using RAID to protect your data is like using the side effects of some cancer treatment drug to lower your fever.

            RAID is for data redundancy. That is, if a disk fails, your server can keep chugging while you swap it out, as opposed to restoring from backup.

            If your data needs 24/7 availability, use RAID. If you care about losing your data, use backups. It just so happens that the two often overlap.

            --
            Join the SDF Public Access UNIX System today!
            • (Score: 2) by Nollij (4559) on Friday October 30 2015, @11:45PM (#256726)

              RAID does provide data protection from certain types of data loss - most notably, drive failure. Backups provide a superset of protection for other types - most notably user error.
              Given that hardware failure is the most common source of data loss for people, I would hardly call it "a tiny amount of protection".

              In my experience, by far the #1 cause of backup failures is that people just won't do them, even after it's been set up. They also don't test them to see if they work.

              It's also possible to have data that's important enough to have on a RAID, but not important enough to have backups for. Just like it may not be important enough for off-site backups, or sensitive enough for encryption.

              • (Score: 2) by Justin Case (4239) on Saturday October 31 2015, @06:40PM (#256952)

                >hardware failure is the most common source of data loss

                >by far the #1 cause of backup failures is that people just won't do them

                Well, which is it? Hardware failure or human failure? Because your second point is entirely a human failure.

                Plus accidental deletes, getting pwned, installing crapware (but I repeat myself...)

                In my completely unscientific opinion, human failures trash a lot more data than hardware. Especially since hardware, properly configured (with redundancy) can be nearly 99.9999... faultless. So again, the decision not to do that is another human failing.

                Oh and if you can't afford redundancy, you can't afford a computer. Because sooner or later some part is going to fail, and that's when you'll realize the value of the time you spent creating all that information, plus the time you will now spend trying to piece back together whatever you can salvage, far exceeds the price of doing it right the first time.

                I think what I'm saying here is computers would be perfect if nobody ever used them! :)

                • (Score: 2) by Nollij (4559) on Monday November 02 2015, @12:45AM (#257322)

                  They measure two different things. One measures data loss as a whole, one measures failures of the backup system. Most people will only use the backup system after suffering data loss, which I find happens most after hardware failure.

                  Excluding the human factor from a system will guarantee failure - If someone knows they won't send in the rebates, they shouldn't factor them into a buying decision. Yes, it's a human error, but it is still going to happen. If I know I won't run the backups, then I shouldn't be pretending that I will. Instead, I should make a plan that I will actually follow.

                  >Oh and if you can't afford redundancy, you can't afford a computer

                  That is absolutely absurd, for so many reasons. First, are we talking about the computer or the data? I can use a computer to do all sorts of things that don't require any data to be saved. Second, each piece of data has a value - Do I need backups of my movie collection? How much am I willing to spend to create a backup? Or, put another way, how willing am I to lose that data? What if it's my personal photos? Original, unedited source files? Legal correspondence?

                  On top of all that, it's an elitist statement, dismissive of those who don't have or aren't willing to spend money on this. Should they really not have access to technology in general, just because some of them will have a problem with it?

                  Obviously, everyone has to plan for equipment to fail - but that plan does not need to be a blanket answer across the board. I have my movies on a RAID for convenience, and to prevent a common source of data loss. If, however, the RAID should fail, or I get hit by a virus, I won't be heartbroken to lose that data. Therefore, I'm not investing in off-site backups or anything like that, at least not for this.

                  (BTW, I have my important data - my really important data, and nothing else - backed up on GDrive. I have more data that I feel is important enough backed up on my LAN)

    • (Score: 0) by Anonymous Coward on Thursday October 29 2015, @04:19PM (#256087)

      I am considering building a triple-redundant "RAID" (using ZFS) for the sole purpose of back-ups.

      I have been making do with smaller hard-drives because I have no idea how to back-up otherwise. (Can't really afford tape)

      • (Score: 3, Interesting) by Tramii (920) on Thursday October 29 2015, @04:31PM (#256092)

        RAID guards against certain types of hardware failure. There's lots of failure modes that it doesn't guard against. Some examples include things like:

        • Human error (deleting files by mistake)
        • Catastrophic damage (house burns down)
        • Viruses and other malware
        • Software bugs that wipe out data
        • Hardware issues with the RAID controller itself

         

        A good backup system should support:

        • Multiple rotating copies
        • Geographic redundancy
        • (Score: 0) by Anonymous Coward on Friday October 30 2015, @08:10AM (#256377)

          I think I was not clear:

          The RAID would be off-site, and off-line.

          The machine housing the disks will contain a Public-Private key pair, such that I can encrypt the backups in transit with only the public key.

          The sole purpose of using triple-redundant ZFS is to be able to detect read/write errors (and then correct them). If I had money, I would just use tape.

    • (Score: 3, Insightful) by darkfeline (1030) on Friday October 30 2015, @12:17AM (#256284)

      >And, no, I don't have a full backup of my RAID. I would have to purchase a few hard drives to do that, along with an NAS of some type. Or, purchase space on some server in the cloud. I'm not a fan of the cloud though.
      >The good news is - only one user has r/w access to the RAID. All other users have read access only.

      This is a facepalm-worthy setup. Okay, you don't have a backup. There's a user with direct write access. If that user gets compromised (stuff happens), you're screwed. If YOU make a mistake (rm -rf /home /bob/tmp), you're screwed. If ANY non-hardware-failure-related error happens (including if an HDD microcontroller loses its sanity), you're screwed (cosmic rays are a thing, however rare they are).

      There's a reason you should make backups, and there's a reason that "RAID is not a backup". I'm not sure whether I should pray that you learn this lesson the hard way--better sooner than later?

      --
      Join the SDF Public Access UNIX System today!
      • (Score: 2) by Runaway1956 (2926) on Friday October 30 2015, @07:38AM (#256368)

        LOL - I've learned the lesson, really.

        Another poster mentioned cost. Not everyone can afford a home server. I can't, really, but I have one anyway. In fact, my workstation is on the server, because my most recently purchased workstation kinda crapped out.

        In all honesty, I suppose that I have "backups". JBOD - disks that I've collected over the years. Some purchased from retail vendors, and many more recovered from machines that have been parted out. My months old RAID has absorbed the data from the JBOD, and now those disks reside in a couple of cardboard boxes. If the RAID dies unexpectedly, I could recover all of it. Just as I could, in theory, recover all the data that was backed up years ago on floppy disks and later CD's.

        This RAID that I'm so proud of right now was my summer project. Maybe this winter, I'll spend the bucks, and build an actual backup system. Or, I may put it off til next summer.

        As for off-site backups - I'll probably never get around to that. Or, maybe I'll eventually make an encrypted volume, add those files and folders that I consider most important, then put that volume in the cloud. I would never consider using the cloud for backup if the provider holds the encryption keys. That will never happen - we've seen how easily some of those providers have been compromised.

        Ehhh - life is risk, and risk is life. The only data that is essential to me, resides in my head anyway. I can recover and/or rebuild everything else after a catastrophic loss. It would be a major inconvenience to do so, but it could be done.