Slashdot Mirror
Datacenter Robbed for the Fourth Time in Two Years
mariushm writes "According to the Register, the Chicago-based colocation datacenter C I Host was attacked by armed intruders recently, making it the the fourth time in two years that armed thugs have made off with data. According to a letter C I Host officials sent customers, 'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to C I Host and its customers.' Aggravating the situation, C I Host representatives took several days to admit the most recent breach, according to several customers who said they lost equipment, all the while reporting the problems as 'router failures'."
And if they have been robbed before - why not increase the security? Four times? - That's some kind of record. Maybe it's time to check if the localization of the whole thing is incorrect and move it to a better location where it's less likely to suffer from this kind of incident?
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Don't tase me, bro!
Seriously, though, this sounds like something out of a really bad Hollywood B-Movie.
I didn't know you could do stuff like this in real life.
smells like an inside job / insurance scam 1st would be an anomaly , 4th time i would be looking very hard at the companies and its staffs finances
It turns out the router was unable to route wherever the thieves had taken it.
Hmm, I'm not using them anymore. They had regular power failures in Dallas - claiming 'UPS maintenance'. My home DSL setup is more reliable than their data centre.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
After the first robbery, I'd seriously consider moving my data. If my data is still there after the second robbery, I feel stupid. If my data is still there after the third robbery, I should lose my job. If my data is still there after the fourth robbery, I need to promoted to executive management.
The entire purpose of off-site storage is disaster recovery, and prevention of major disasters like this. Why are these guys still in business?
http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
Suddenly, buying an old army bunker complex to house your datacenter doesn't seem that excessive.
shame on you. Fool me four or more times shame on me!
God, schmod. I want my monkey man!
Anyway - maybe it's time to weave in copper mesh into the T-shirt of all datacenter employees to protect against tazers.
And notice from a comment to the article that any so called man trap doesn't exist - and the security seems to have been far too relaxed. Just a fine example of how not to do things. A good datacenter is located where almost nobody knows where it is - preferably underground in a nondescript location in the countryside. A set of optical fibers will take care of all the traffic. And very few persons shall have physical access to the hardware. Think about how the military handles their datacenters.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Well, if they actually care enough to try to prevent these attacks, I can see three solutions, any of which should be highly effective:
Deadly force. If you are being robbed at gunpoint on a regular basis, your employees can legitimately say that they fear for their lives, and thus, purchasing of firearms is legally and morally justifiable. Perhaps a couple of guards posted at the entrance with semiautomatic rifles, plus three or four in appropriately concealed locations within the facility (or more if the facility is large enough). Criminals (armed or not) will think twice before attacking.
Electrical interference. Hook a 230 kV transmission line directly to the rebar in the walls. Anyone who tries to cut their way in will likely spontaneously combust, or at the very least, be knocked several meters. Such an attack won't happen twice.
Oxygen deprivation. You probably already have halon fire extinguishers. Assign everyone emergency oxygen masks and a red button remote. In the event of an attack, press the red button and put on your oxygen mask. Assuming you dump enough halon, it will bond with all the free oxygen in the room, incapacitating or killing the intruders in seconds. Assuming they survive, they should still be unconscious when the police arrive to arrest them.
Check out my sci-fi/humor trilogy at PatriotsBooks.
I've used them for years, and was an avid supporter of CI Host even while they were enduring constant negative publicity.. I was initially a client of their shared hosting, then upgraded to a dedicated hosting package, and never had an issue aside from the typical short downtime every now and then.. nothing crazy.. so a startup I was working with put a colocated server with them earlier this year and in around 6 months we endure an outage for numerous days, numerous BS excuses, then one day "Oh yeah by the way your server was actually stolen, and good luck finding the real thieves!" So now we come to find that this has happened 3-4 times in the past 2 years, the detective (and even a worker there I talked with) told me they believed it was an inside job. Obviously I am cancelling all of my accounts and taking my business elsewhere. I will proudly do my best to spread the word and tell EVERYONE I know to NEVER use CI Host for *ANYTHING*
'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument.
Good on them for hiring the disabled! Although perhaps the night manager position is not one suited to someone so deaf that they can't hear a Sawz-All cutting though the wall...
Three Squirrels
Last November I had ALL my servers stolen there. Now over all the years I have had servers I have backed up data, upgraded servers, clean installed servers, etc., then that fateful day in November after being stonewalled for days I finally went over to the data center only to find ALL my servers stolen. All my data. Yea I had some offsite backups, etc, but .... stolen. I guess they thieves really liked my XServes. They were nice and shiny in a sea of beige and black.
Anyway, they gave me some free hosting after that, so, I said ok.. big mistake... about a month ago two of my three servers were stolen. Thankfully I had them a bit spread at the datacenter.
Well, can I sue? What can I do now? Same bs, promising me servers and nothing.
Last year I lost a lot of clients,,, granted all but two were mostly very small time hosting accounts. This time I now lost a big client even though I got them back up and running asap... get a server, install configure, read the files from the backup server, etc.
Anyway it was truly the worst feeling I have had in many a year.
It is definitely bs. And what do the Chicago PD do? Well your guess is as good as mine.. maybe they are out ticketing the thieves truck as their meter runs out.
Any lawyers out there that can help?
Mind | Body | Spirit | Cash
1) Reinforcement can be added to walls. Make a sandwich of OSB | sheet Aluminum | OSB | galvanized steel | OSB. The layers will make it difficult to use a chain saw or an abrasive blade. Glue and screw the sandwich.
2) Add an alarm loop between the layers for added protection.
3) Lock the servers to the racks.
4) Have a good alarm company.
Yes, the servers are expensive peices of kit, but I think frankly, its more likely that there is specific data for a specific site that is being stolen rather than just some hardware, and if thats true, they shoudl be hiding the friggin servers rather than leaving them sitting round "ooo rob me rob me rob me!" You gotta ask, who's the target?
I actually had a server hosted in that very Chicago facility. (I actually got referred to it by clicking a "$75 a month colocation" advertisement link on slashdot)
The datacenter in question is in a terrible neighborhood, and I can't see anyone bothering a truck there in the dead of night.
There was no man trap, and no security of any sort, just a tech guy who let me in and opened the glass datacenter door for me.
I doubt they have a panic button of any sort either.
You disable the one guy on call and there would be no police coming, period.
I've actually been in this datacenter. Tried to host some boxes there for a while... and when I finally gave up on their shenanigans, I was not near Chicago, so I just abandoned them there (cheaper than shipping).
First, this datacenter is literally two blocks from what is left of the infamous Cabrini-Green projects. Tough neighborhood, so it's not entirely impossible that it is an outside cracked-up scheme.
There was none of the double-man-trap doors or whatever there. The one staffer was in the back playing a Playstation. The couple of customers in the center exchanged cell numbers, so we could call each other to get let back when we needed to use the toilet.
The Dallas billing people weren't any better. Worst... host... ever.
down at the pawn shop!
Ok, so they robbed $50,000 of routers and servers.
Where are they going to fence them. The average geek has no need of 16 core Xeons, no matter what game they play. If they were dells, (IF) they are going to have TAG #s and it wouldn't be hard to see Dell doing a trace on em, ie very hot property.
Thirdly, no legit business, at least any I have worked in, would touch (some) state of the art servers at half price, no support, from a questionble source with no history. Same goes for all the cisco kit. Bet they end up abroad.
http://www.writeitfor.us - Writing IT for the IT generation.
Seriously, cutting through a reinf. concrete wall is not trivial, if it was indeed just that. By code, the minimum thickness of a concrete wall is 6" and most used for loadbearing in anything but the cheapest residential construction are 8". You aren't cutting that with a reciprocating saw (aka Sawzall). Second, reinforced concrete walls are required (in order to be considered "reinforced" by code) to have steel bars equal to 0.0014 x wall area in both directions at a spacing no greater than 18". That typically works out to a 1/2" steel bar at 12" on center or a 5/8" steel bar at 16" o 18" on center both horizontally and vertically.
Now, this is a non-technical publication, so "reinforced" may mean anything - like a 1/2" bar at the top and bottom, and around jambs. Also, this is Chicago, known far and wide for severe corruption in the building inspection process.
Still, anything close to a RC wall is going to require a diamond blade and a gas powered saw for any kind of efficiency at all, and the cut rate is going to be measured in single-digit (or fractional) inches per minute. Most also require a water source for cooling. You'd have to be utterly incompetent not to catch these guys before they got in.
Is it just my observation, or are there way too many stupid people in the world?
No, one door to the left in the clutch room.
rj
Stronger walls, and maybe armed security guards. Heck, we have them up here in Canada and we don't have a tenth of the violent crime problems Chicago has.
-Billco, Fnarg.com
As a company that host spammers, and threatens lawsuits (cartoonies) against anti spammers, I can only hope the crooks stole the spam servers as well.
http://www.spamhaus.org/sbl/listings.lasso?isp=cihost.com
Lawyers, MBA's, RIAA? A jedi fears not these things!
All the more reason for armed guards or even armed employees
Good luck there - this is *Chicago*, remember. They, like many other large cities, much prefer to disarm the populace and then pretend that there's no more gun crime as a result.
Please stand clear of the doors, por favor mantenganse alejado de las puertas
After the second time they would have someone sitting in there all
the time with this:
http://en.wikipedia.org/wiki/S&W_Model_500
Awwww yeah...
http://www.youtube.com/watch?v=IxLmiYiwvus
Take my server now bro!! I dare ya!
I found these links to the report from a post on theregister.co.uk
Report 1 Page 1
Report 1 Page 2
Report 2 Page 1
Report 2 Page 2
Report 3 Page 1
Report 3 Page 2
The guy says that $50,000 worth of stuff was stolen...not only servers, but misc crap like routers, and battery chargers for Black Berry units.
I'd say either look for a new web host startup in the Chicago area in the next year, or a lot of stuff going cheap on Ebay.
The saddest part about this is that the crims clubbed and zapped some innocent guy that would have offered zero resistance. For this, I hope they thieves go to jail for a long time.
reinforced with what though? a few years worth of playboy calendars?
Caesar si viveret, ad remum dareris.
replaced the servers with an IBM BladeCenter.
The company I work for used to be a client of theirs, and like many others here, eventually got fed up with their constant downtime. When we canceled our service and they shipped the servers back, all four rackmount servers had the rack-screw-tabs bent because they shipped them with no padding whatsoever. They were just rattling around inside the cardboard boxes during shipment.
A former employee of CI Host contacted us after we quit their service and told us this little gem:
That time early this year when their entire Chicago datacenter was down for two days? They forgot to pay their power bill.
I couldn't make this stuff up. They're advertising for a security guard,
"We are seeking motivated individuals" ... translation: work cheap.
"Prior security experience preferred." ... translation: not really a requirement, but if we can get it at no extra cost ...
"Some College is also preferred." ... if you managed to drop out of college instead of high school, you're more "presentable" to our insurers, who are now royally pissed at us ...
"Armed Hand-gun license/permit and ability to supply own weapon a Huge Plus! : translation: "we're cheap! You're desperate AND stupid! Let's talk!"
Or Maybe arming some of the guards - but then again Chicago has some very restrictive gun laws, including a complete ban on handguns, so this may not be possible without relocating. But, that's unpossible! Everyone knows that once you ban guns in an area, crime immediately ceases and the criminals turn to a life of petting puppies and painting rainbow butterflies. Sheesh. To hear you talk, one would think that the criminals would (gasp!) exploit a legally-imposed tactical advantage or something.
Ah yes, Canada is a magical place where there is no crime and people shit pure butterscotch.
It's not about the real estate, it's about redundant everything and lots of backup systems. If an idiot with a backhoe cuts their uplink, they have a couple more so that you don't lose connectivity. If someone flys a kite into the power lines, they have generators to keep things running until power is restored. If a squirrel eats a hole in the air conditioner, they have another one so things don't melt.
Or is it for third-party security, which really makes this bad.Computer equipment is expensive and a data center has a lot of this, so their security compared to what you would have should be a similar relation as a bank's security compared to your sock drawer. That's when it's not a selling point. When it is advertized as a selling point, it sounds like something out of Mission Impossible.
Time to move, I actually live in a rural area, but due to location there was a particular bank that could not be defended, robbed eight times in two years, they finally closed the thing, and voila no more bank robberies in town. Once these people figure something out that works they will become accustomed to more income, they will come back until they get caught, or the easy pickings disappear.
Under the influence of Post-Cyberpunk Gonzo Journalism
You can't GET a carry permit in Chicago, unless you're a cop or military.
CI Host didn't invest in proper facilities. Contrary to the article summary, the robbery was made by people forcing open the door lock to the office, when nobody was there, and an employee "just happened to show up later in response to the alarm". And the crooks "just happened to have tasers" instead of guns. And the crooks "just happened to steal all the non-existent video surveillance cameras".
And the walls are not "reinforced" - they're plain ordinary office walls. Unless you want to count a new coat of paint as "reinforcement".
The night manager was unavailable for comment as he kept stuttering and jerking.
You must have very poor memory, nuzak, if you can't recall what it was like learning your trade.
When I was in high school, I knew I wanted to work in the computer field, yet I didn't know what a datacenter was. If I had met a pretentious jerk like you, I might not be managing a datacenter, today. Luckily, I met people who answered my questions instead of people like you. I also asked questions on slashdot, and learned quite a lot from this place.
And to answer the original question: A datacenter is a room full of computers with experts monitoring and maintaining them 24/7. It has special air conditioning, wiring, and security. Sometimes people rent servers or space there. Sometimes they contain only the computers of the company that owns the datacenter.
A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
Okay Frankie. Youse got da info we need to break inta da place, right?
Yeah boss! Lookie here, on da webpage!
Name: CDC-03
Location: 900 North Franklin, 3rd Floor, Chicago, IL 60610
NPA/NXX: 312/640
Not bad, Frankie...not bad! Uh-oh...what's dis? Dis could hold us up...
No signage, nondescript building
No problemo, boss! See? They gave us a picture!
*snort* An dey call us teeves dumb...
[End Of Line]
http://www.isp.state.il.us/foid/ordinances.cfm
"There's an old saying in Tennessee -- I know it's in Texas, probably in Tennessee -- that says, fool me once, shame on -- shame on you. Fool me -- you can't get fooled again." --President "ugh" George W Bush, Nashville, Tenn., Sept. 17, 2002
We all wish this was a utopia where this was true, however it couldn't be further from it. Criminals will always have access to firearms readily no matter how strict the gun laws are. Increased gun laws or bans tends to result in an increase in organized crime. Sure you cut down on some of the horrible aspects of guns: accidental deaths, anger/alcohol related murders. However when you take guns out of the hands of responsible citizens you do little to dissuade all types of criminals who will still have access to weapons, and in fact will often encourage violent crime since the criminal can be sure that he is the only one with a weapon.
A great example of this is found with the "Gun Free Zones" in the states, particularly schools. Mass school shootings are occurring more and more frequently in the states, with the VATech shooting being the most recent and horrific. Most of these crimes when investigated show a large amount of time and effort went into them. Including obtaining illegal weapons such as explosives in some cases. All the gun bans in the world wouldn't stop these people from acquiring weapons.
In these gun free zones the criminal can be sure that the chances of someone else on campus gun to shoot back with being slim to none. So they attack the campus and shoot and shoot until the police stop them. Oh wait the police have yet to stop any of them in the cases I'm aware of. In fact in every case these individuals have ended the spree THEMSELVES, by taking their own life, usually well before police arrive. Gun free zones and strict gun laws (or bans as you advocate) do nothing other than promote violent crime, and have been shown in studies that enactment of gun laws has increased violent crime.
In my opinion the best balance is limiting access to weapons by background checks, weapon classes for special permits (concealed carry), and limiting some types of weapons. In most potential cases a handgun or shotgun is more than adequate for self defense. As such I agree with bans placed on assault weapons. The last thing we should be doing is taking guns from responsible individuals.
Mobius Custom Computers
If you can do the job, and do it well, who cares what the fuck piece of paper you have?
God invented whiskey so the Irish would not rule the world.
One of the best design/implementation guys I know is a high school dropout. He was too smart and too much of a wiseass in school so he had problems with the administration, in frustration he dropped out. Now he makes six figures and travels the country as a consultant. He's probably been in charge of the design and implementation of over a thousand systems. While I would want my DBA to be a college graduate due to the applicability of CS concepts there are many positions including network administrator that don't really have much applicable need for a degree. I would take a guy with a decade of solid experience over a recent CS grad every time.
There are 4 boxes to use in the defense of liberty: soap, ballot, jury, ammo. Use in that order. Starting now.