what if your cloud=provider gets hacked ?

kristoff@infosec.pub to Selfhosted@lemmy.world – 90 points –
bleepingcomputer.com

Hi all,

As self-hosting is not just "home-hosting" I guess this post should also be on-topic here.

Beginning of the year, bleeping-computers published an interesting post on the biggest cybersecurity stories of 2023.

Item 13 is an interesing one. (see URL of this post). Summary in short A Danish cloud-provider gets hit by a ransomware attack, encrypting not only the clients data, but also the backups.

For a user, this means that a senario where, not only your VM becomes unusable (virtual disk-storage is encrypted), but also the daily backups you made to the cloud-provider S3-storage is useless, might be not as far-fetches then what your think.

So .. conclussion ??? If you have VMs at a cloud-provider and do daily backups, it might be usefull to actually get your storage for these backups from a different provider then the one where your house your VMs.

Anybody any ideas or remarks on this?

(*) https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2023/

44

You are viewing a single comment

haha

"the cloud" does not change the fact that if you data does not reside in 2 physical locations you do not have a backup.

so yes, standard practices that have existed... well, since the beginning, still apply.

Well, the issue here is that your backup may be physically in a different location (which you can ask to host your S3 backup storage in a different datacenter then the VMs), if the servers themselfs on which the service (VMs or S3) is hosted is managed by the same technical entity, then a ransomware attack on that company can affect both services.

So, get S3 storage for your backups from a completely different company?

I just wonder to what degree this will impact the bandwidth-usage of your VM if -say- you do a complete backup of your every day to a host that will be comsidered as "of-premises"

yeah, you can use another cloud provider as backup.. if you do it correctly.

personally, my disaster recovery plans dont include entire offsite VMs. i only care about data in a dr situation. so you send incremental daily backups offsite.

containers have made VMs even more irrelevant/ephemeral so focus on the data.

if you backup your vm data to the same provider as you run your vm on you don't have an 'off-site'-backup, which is one criteria of the 3-2-1 backup rule.