
posted by martyb on Saturday February 26 2022, @03:16PM

Backups 'no longer effective' for stopping ransomware attacks:

The growth of double extortion – and even triple extortion – ransomware attacks is in danger of rendering common, traditional methods of mitigating the impact of a ransomware hit, such as well-maintained backups, less efficacious, according to a report from machine identity specialist Venafi.

Data collated from Venafi's worldwide survey of IT and security decision-makers reveal that 83% of successful ransomware attacks now involve alternative extortion methods – for example, using stolen data to extort customers (38%), leaking data to the dark web (35%), and informing customers that their data has been compromised (32%). A mere 17% of attacks merely ask for money for a decryption key.

Venafi said that this means that because ransomware attacks now rely on data exfiltration, effective backup strategies are therefore to some extent "no longer effective" for containing a breach.

"Ransomware attacks have become much more dangerous. They have evolved beyond basic security defences and business continuity techniques like next-gen antivirus and backups," said Kevin Bocek, vice-president of business development and threat intelligence at Venafi.

Venafi also found that cyber criminals are increasingly following through on their threats whether or not they get paid. Indeed, 18% of victims had their data leaked despite paying, more than the 16% who refused outright to pay anything and had their data leaked. Some 8% refused outright, but then had their customers extorted; and 35% paid, but were left hanging, unable to retrieve their data.


  • (Score: 5, Interesting) by Mojibake Tengu on Saturday February 26 2022, @04:43PM (5 children)

    by Mojibake Tengu (8598) on Saturday February 26 2022, @04:43PM (#1225112) Journal

    Archive as NFS on ZFS. Requires kitchen server with its own UPS. Server has no ssh login at all, but own console. Strictly no other services to net except NFS. Good size quad mirror zpool on geli encryption down under.

    Can't be effectively stolen, invaded or infected directly and does snapshots and backups automagically on itself.
    If something happens to client's data at the client mount, there is still a historical time series of many previous snapshots.

    What I do not understand, why commercial NAS devices are not built simply just like that. Remote administration of any critical device is a weakest point.

    --
    The edge of 太玄 cannot be defined, for it is beyond every aspect of design
  • (Score: 1, Interesting) by Anonymous Coward on Saturday February 26 2022, @06:16PM (1 child)

    by Anonymous Coward on Saturday February 26 2022, @06:16PM (#1225130)

    You can also use SMB, which is capable of exposing ZFS snapshots natively as Windows File History, which makes recovery by end users trivial. ZFS, at least ZFS-on-Linux, has native encryption capability now, no need to use geli or LUKS. Using the native capability also allows backups by zfs send/receive even if the target remote server doesn't have the ZFS encryption keys. Handling lower layer encryption backups can be trickier in comparison.

    In order to have a wide appeal NAS appliances have to:
      1) be easily administrable, which means exposing system settings via layers of potentially insecure web technologies
      2) provide many, many services at once due to the sheer scope of NAS-related technologies
      2a) provide too many legacy connection options

    Obviously using a specialized, custom-built system is better, but also way more expensive. Not only do you have to hire someone to design and build it, but also to keep it running. NAS vendors at least try to provide timely security updates, but it's always a game of cat-and-mouse. The end users also have to install those updates, which means possible downtime most people want to avoid.

    • (Score: 2) by Mojibake Tengu on Sunday February 27 2022, @03:31AM

      by Mojibake Tengu (8598) on Sunday February 27 2022, @03:31AM (#1225275) Journal

      Since Linux does not support delegation with ZFS, for it has no relevant user filesystem control facility necessary for this, I cannot use Linux for servers nor for virtualization.

      More importantly, I use this setup for more than a decade already, rock solid. No need for me to experiment with newish possibly unreliable features.

      And finally, I consider SMB protocol untrusted, even on Linux.

      --
      The edge of 太玄 cannot be defined, for it is beyond every aspect of design
  • (Score: 4, Insightful) by maxwell demon on Saturday February 26 2022, @06:22PM (1 child)

    by maxwell demon (1608) Subscriber Badge on Saturday February 26 2022, @06:22PM (#1225133) Journal

    And how does this backup system prevent live data from being read off the live system?

    --
    The Tao of math: The numbers you can count are not the real numbers.
    • (Score: 0) by Anonymous Coward on Sunday February 27 2022, @05:36AM

      by Anonymous Coward on Sunday February 27 2022, @05:36AM (#1225287)

      Precisely, the only reasonable solutions involve some sort of air gap. I wonder what is going to need to happen in order to get companies to just accept that you can't have sensitive information kept on Internet connected computers and not expect this.

      I guess that won't happen until they're identifiable and liable.

  • (Score: 1, Funny) by Anonymous Coward on Saturday February 26 2022, @09:42PM

    by Anonymous Coward on Saturday February 26 2022, @09:42PM (#1225176)