SoylentNews is people

Breaking News
posted by janrinok on Saturday July 03 2021, @10:55AM

About 200 US businesses have been hit by a "colossal" ransomware attack, according to a cyber-security firm.

Huntress Labs said the hack targeted Florida-based IT company Kaseya before spreading through corporate networks that use its software.

Kaseya said in a statement on its own website that it was investigating a "potential attack".

Huntress Labs said it believed the Russia-linked REvil ransomware gang was responsible.

The US Cybersecurity and Infrastructure Agency, a federal agency, said in a statement that it was taking action to address the attack.

The cyber-breach emerged on Friday afternoon as companies across the US were clocking off for the long Independence Day weekend.

The two big things that are keeping cyber-security professionals up at night lately are ransomware attacks and supply chain attacks. This latest incident combines both nightmares into one big Independence Holiday weekend-ruining event for hundreds of US IT teams.

Ransomware is the scourge of the internet. Multiple organised criminal gangs are constantly attempting to gain access to computer networks to hold them hostage. The rate of attack is relentless but it can take a lot of time and effort on the criminals' part to successfully hijack one victim's computer system.

  • (Score: 1, Interesting) by Anonymous Coward on Sunday July 04 2021, @05:27AM (#1152748)

    I worked for a company that did backups properly:
    Mon - Thu tapes, overwritten weekly
    5 x Fri tapes overwritten monthly
    12 x month-end tapes, overwritten yearly
    yearly tapes, never overwritten.
    ad-hoc backups for system changes, never overwritten.
    All tapes were picked up daily by a security company and held off-site.

    The head IT guy (who knew what he was doing) wrote the script that ran the backups. It backed up major database 1, backed up major database 2, rewound the tape, verified the backups, reported the result, rewound the tape for storage and ejected it. Script ran at 2am when no-one was using the systems.

    Few months go by, assistant IT decided he wanted to also back up unimportant (but bloated) system he was responsible for. Plenty of room on tape (big for the time LTO tapes) so he decides to tag it on the end of the other backups. Modifies head guy's script via copy and paste.

    New sequence goes; Backup DB1, Backup DB2, Rewind tape, Verify, Report results to IT Head, Rewind tape, Backup Unimportant DB, Rewind, Verify, Report result to IT Ass, eject tape. Note, the minor (bloated) system backup was longer than the Major DB1 and DB2 backups.

    Time goes by and hard drive crashes. DB1 and DB2 both trashed. No worries, we have backups right? They had to go back to an ad-hoc backup from about five months earlier, re-enter what they could from paperwork. I think it cost them millions.

  • (Score: 2) by RS3 (6367) on Monday July 05 2021, @04:17PM (#1153044)

    You didn't point out the problem, so just being thorough (problem seems apparent): the new tape backup sequence overwrote the main DBs?

    One safety mode is: don't rewind the tape.

    • (Score: 0) by Anonymous Coward on Monday July 05 2021, @05:08PM (#1153052)

      It did the head guy's backup properly, verified it, sent him a message saying it was ok, then ass's add-on rewound the tape and wrote his backup over it.
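
The job sequence described in the comments above, modelled as an added example (not code from any commenter or from the original script). It uses a toy sequential tape in which a write at the current position discards everything after it; all class, function and sample names are hypothetical.

```python
import hashlib

def digest(data):
    return hashlib.sha256(data).hexdigest()

class Tape:
    """Toy sequential tape: a write at position p discards everything from p on."""
    def __init__(self):
        self.files = []          # (label, sha256) in tape order
        self.pos = 0             # index where the next write lands
    def rewind(self):
        self.pos = 0
    def seek_end(self):          # position after the last recorded file
        self.pos = len(self.files)
    def write(self, label, data):
        del self.files[self.pos:]            # old data past the head is gone
        self.files.append((label, digest(data)))
        self.pos += 1

def verify(tape, expected):
    """Return the labels in `expected` that are missing or differ on tape."""
    on_tape = dict(tape.files)
    return [k for k, v in expected.items() if on_tape.get(k) != digest(v)]

def flawed_job(tape, data):
    """Sequence from the thread; returns the two 'reports' (lists of failures)."""
    major = {k: data[k] for k in ("DB1", "DB2")}
    for k, v in major.items():
        tape.write(k, v)
    tape.rewind()
    head_report = verify(tape, major)        # passes: DB1/DB2 are still there
    tape.rewind()
    tape.write("MINOR", data["MINOR"])       # written from the start of tape
    tape.rewind()
    assistant_report = verify(tape, {"MINOR": data["MINOR"]})
    return head_report, assistant_report

def fixed_job(tape, data):
    """Append instead of rewinding, then verify everything once, last."""
    for k in ("DB1", "DB2"):
        tape.write(k, data[k])
    tape.seek_end()
    tape.write("MINOR", data["MINOR"])
    tape.rewind()
    return verify(tape, data)                # final check right before eject

# Constructed sample payloads
SAMPLE = {"DB1": b"orders", "DB2": b"ledger", "MINOR": b"bloated" * 100}
```

Both reports from `flawed_job` come back empty even though only the minor backup is left on the tape; a single verification of every expected file as the last step before eject is what exposes the loss.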

      • (Score: 2) by RS3 (6367) on Monday July 05 2021, @05:30PM (#1153057)

        Sorry, I just had to confirm in detail that something that stupid was done. And stupid on many levels. Was nobody checking the work? I guess I'm being idealistic. But you'd hope that something as important, maybe critical, as backups, would have some kind of cross-checking done.

        Some years ago (mid-90s) I had a job and one assignment was pretty much just assemble systems and install software (industrial controls- PLC, SCADA, etc.) IBM PS/2 server hardware, running OS/2 (yes). I wish I could remember the backup software brand; it watched for any filesystem change, and did incremental backup to tape within seconds. I thought that was awesome, and yet I'm not aware of any other software that does that behavior.

        In most backup scenarios we've kept weekly full backups indefinitely (remove the write-allow tab), and done differential ones daily if not hourly. Basically we could always go back to some point in the past if needed. Restore might have been tedious, but the data was there. Tape is far too cheap to be stupid (with overwriting things).

        Any knowledge of backup software that watches filesystem and backs up any changes on the fly?

        • (Score: 0) by Anonymous Coward on Tuesday July 06 2021, @02:06AM (#1153182)

          This was back in the 90's too.
          Head guy implemented it, checked it was working, monitored it and did manual tape reads for several weeks to be sure it was working. Handed off actual physical tape swapping and monitoring to Ass. Ass put his brain-fart on it without telling anybody, and just trusted the messages. I said LTO, but I'm not really sure. I do know that the tapes they were using were stupidly expensive.

          > it watched for any filesystem change, and did incremental backup to tape within seconds.

          That sounds like it was part of the OS. Back then that would have been a lot of overhead for an add-on program.
          These days you would need to exclude a lot of files. Every damn program out there is constantly saving its status to disk.

          > Any knowledge of backup software that watches filesystem and backs up any changes on the fly?

          Not much knowledge of any current back-up software. Wasn't my job back then either, I was just close enough to know what happened. For my own system I just do a copy of /home now and again. Fits on a CD. Anything else is just a download away.

          • (Score: 2) by RS3 (6367) on Tuesday July 06 2021, @02:57AM (#1153194)

            OS of course knows what's being written to disk. You (quite easily) tagged files and directories you wanted backed to tape in the software. Worked very well. Sure wish I had written it down. It was so awesome, I "assumed" all tape software worked that way.

            Funny story- 2 guys were feverishly writing gobs of C on Unix (not sure which flavor- maybe HP-UX) for months. They decide to do a backup to tape. I mean, seriously major large project, many months, full-time. Anyway, guy gives tar command, but reverses disk and tape devices. So yes, OS said "okay, you want to write the raw tape to the raw disk. I can do that."

            Fortunately they were taking notes as they went, so it took them another 2 weeks to recreate the whole project. I was doing sector-level stuff in those days, and offered to recover lots of files, or at least parts of files, but everyone declined (it was a VERY political / competitive place).