Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Always remember to take Backups
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Always remember to take Backups

YmpkerYmpker Member
edited July 2018 in General

Cyanweb Hosting in Perth lost all customers websites/data and had all of their backups destroyed:
https://www.crn.com.au/news/perth-web-hosting-provider-cyanweb-solutions-hit-by-criminal-hacking-data-and-backups-lost-496455

Yet another example why all clients & hosts should be advised to have offsite backups.

Otherwhise you may read something like this on your hosts website:

We may also be able to recover most of your web site pages, images and data from the Wayback Machine which may have a copy of your web site we can download – though this is also assessed on a per account basis. We will update you ASAP.

Thanked by 1vovler

Comments

  • WebProjectWebProject Host Rep, Veteran
    edited July 2018

    corruption of OS and hdd failure is happens, unless provider offer multiple backup options.

  • mkshmksh Member
    edited July 2018

    "We highly suspect they were 'professionals', as at the time of the infiltration the server was being 'overloaded' (DDoS) by a highly suspicious range of sequential Swiss server IP addresses."

    "Some Swiss servers are like Swiss bank accounts and are sometimes used by
    professional criminal organisations and other well-funded cyber terrorist groups,"

    Of course it wasn't that 13 year old fat kid. That'd be shameful.

    Thanked by 1inklight
  • Ympker said: We may also be able to recover most of your web site pages, images and data from the Wayback Machine which may have a copy of your web site we can download – though this is also assessed on a per account basis. We will update you ASAP.

    It'd be tedious job but even if they pull it off, it'll only be frontend. Customers still wouldn't get their applications/backend and so much of other data types.

    Thanked by 1Ympker
  • vovlervovler Member
    edited July 2018

    Quick, to the Wayback machine


    "Some Swiss servers are like Swiss bank accounts and are sometimes used by professional criminal organisations and other well-funded cyber terrorist groups,"

    or... or...

    a kid got a "stress tester" on HF and targeted you.

    Thanked by 2mksh HBAndrei
  • deankdeank Member, Troll

    It's not gonna happen to me. Backup is for nerds.

  • NeoonNeoon Community Contributor, Veteran

    I ordered some floppy disks + floppy drive just in case.

    Thanked by 1FHR
  • YmpkerYmpker Member
    edited July 2018

    @jetchirag said:

    Ympker said: We may also be able to recover most of your web site pages, images and data from the Wayback Machine which may have a copy of your web site we can download – though this is also assessed on a per account basis. We will update you ASAP.

    It'd be tedious job but even if they pull it off, it'll only be frontend. Customers still wouldn't get their applications/backend and so much of other data types.

    Well in a way it is nice to see they are struggling to get their customers data back. Referring to The Waybackmachine is however not looking too good for the clients there.

  • @Ympker said:

    @jetchirag said:

    Ympker said: We may also be able to recover most of your web site pages, images and data from the Wayback Machine which may have a copy of your web site we can download – though this is also assessed on a per account basis. We will update you ASAP.

    It'd be tedious job but even if they pull it off, it'll only be frontend. Customers still wouldn't get their applications/backend and so much of other data types.

    Well in a way it is nice that they are struggling to get their customers data back. Referring to The Waybackmachine is however not looking too good for the clients there.

    Yup, without backups, that's all (max) they can do.

  • YmpkerYmpker Member

    @jetchirag said:

    @Ympker said:

    @jetchirag said:

    Ympker said: We may also be able to recover most of your web site pages, images and data from the Wayback Machine which may have a copy of your web site we can download – though this is also assessed on a per account basis. We will update you ASAP.

    It'd be tedious job but even if they pull it off, it'll only be frontend. Customers still wouldn't get their applications/backend and so much of other data types.

    Well in a way it is nice that they are struggling to get their customers data back. Referring to The Waybackmachine is however not looking too good for the clients there.

    Yup, without backups, that's all (max) they can do.

    Well most webhosting services do not advertise any backups and point out in their ToS that it is the customers responsibility to make their own backups. Still, being able to help out your customers with some occasionally taken backups (for disaster recovery) would be the better way to go.

    Thanked by 1jetchirag
  • FHRFHR Member, Host Rep

    So, the attackers dd'd the server and that somehow deleted backups. Three scenarios:

    • Backups were done to local drives
    • Backup storage was permanently mounted
    • No backups actually
    Thanked by 1mksh
  • deankdeank Member, Troll

    The third is likely the choice.

    I can bet -0.1 cent on it.

    Thanked by 1mksh
  • mkshmksh Member

    Switzerland should sue those guys for slander.

    Thanked by 1FHR
  • bjrjkbjrjk Member

    Emmm, a painful lesson. However, I'm always wanting to backup all my websites data but didn't find a good way...Does anyone have convenient ways?

  • YmpkerYmpker Member

    @bjrjk said:
    Emmm, a painful lesson. However, I'm always wanting to backup all my websites data but didn't find a good way...Does anyone have convenient ways?

    Depending on your setup SFTP/RSYNC, local and offline backups come to mind.

  • sinsin Member
    edited July 2018

    I sincerely hope all of their customers are migrating to a new provider that actually keeps backups.

    "While our server admin was distracted by the DDoS attack, the hackers simultaneously infiltrated the server, escalated their privileges and delivered a seek and destroy payload.

    Did they get attacked by missiles?

    Thanked by 4mksh southy FHR vimalware
  • joepie91joepie91 Member, Patron Provider
    edited July 2018

    @sin said:
    I sincerely hope all of their customers are migrating to a new provider that actually keeps backups.

    "While our server admin was distracted by the DDoS attack, the hackers simultaneously infiltrated the server, escalated their privileges and delivered a seek and destroy payload.

    Did they get attacked by missiles?

    @mksh said:

    "We highly suspect they were 'professionals', as at the time of the infiltration the server was being 'overloaded' (DDoS) by a highly suspicious range of sequential Swiss server IP addresses."

    "Some Swiss servers are like Swiss bank accounts and are sometimes used by
    professional criminal organisations and other well-funded cyber terrorist groups,"

    Of course it wasn't that 13 year old fat kid. That'd be shameful.

    I see we have another member for the club of "companies that grossly overstate the sophistication of the attacker so that they can play innocent victim even though they probably fucked up in some really stupid way".

  • @FHR said:
    So, the attackers dd'd the server and that somehow deleted backups. Three scenarios:

    • Backups were done to local drives
    • Backup storage was permanently mounted
    • No backups actually

    Backing up to local drives or permanently mounted storage is essentially the same thing as not having any back ups... the result is going to be the same if anything goes wrong. :(

  • jsgjsg Member, Resident Benchmarker

    @mksh said:

    "We highly suspect they were 'professionals', as at the time of the infiltration the server was being 'overloaded' (DDoS) by a highly suspicious range of sequential Swiss server IP addresses."

    "Some Swiss servers are like Swiss bank accounts and are sometimes used by
    professional criminal organisations and other well-funded cyber terrorist groups,"

    Of course it wasn't that 13 year old fat kid. That'd be shameful.

    OF COURSE NOT! How can you even think something like that you evil man.

    It was the script that the 13 year old fat kid used. You know, the "use a series of evil swiss IPs to DDOS a server and then delete everything except the logs showing your evil swiss IP series" script.

    Thanked by 1mksh
  • WebProjectWebProject Host Rep, Veteran

    @FHR said:

    • Backups were done to local drives

    Provide is used hard drive RAID as backup.

    The RAID and other mentioned option are not backup options as anything happens to hardware all data will be lost as result.

Sign In or Register to comment.