Slashdot Mirror
Datacenter Robbed for the Fourth Time in Two Years
mariushm writes "According to the Register, the Chicago-based colocation datacenter C I Host was attacked by armed intruders recently, making it the the fourth time in two years that armed thugs have made off with data. According to a letter C I Host officials sent customers, 'At least two masked intruders entered the suite after cutting into the reinforced walls with a power saw ... During the robbery, C I Host's night manager was repeatedly tazered and struck with a blunt instrument. After violently attacking the manager, the intruders stole equipment belonging to C I Host and its customers.' Aggravating the situation, C I Host representatives took several days to admit the most recent breach, according to several customers who said they lost equipment, all the while reporting the problems as 'router failures'."
And if they have been robbed before - why not increase the security? Four times? - That's some kind of record. Maybe it's time to check if the localization of the whole thing is incorrect and move it to a better location where it's less likely to suffer from this kind of incident?
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
smells like an inside job / insurance scam 1st would be an anomaly , 4th time i would be looking very hard at the companies and its staffs finances
It turns out the router was unable to route wherever the thieves had taken it.
No, it sounds like something out of a ridiculously popular A-movie that makes 100s of millions of dollars. You underestimate the american public's willingness to watch total crap.
After the first robbery, I'd seriously consider moving my data. If my data is still there after the second robbery, I feel stupid. If my data is still there after the third robbery, I should lose my job. If my data is still there after the fourth robbery, I need to promoted to executive management.
The entire purpose of off-site storage is disaster recovery, and prevention of major disasters like this. Why are these guys still in business?
http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
Suddenly, buying an old army bunker complex to house your datacenter doesn't seem that excessive.
shame on you. Fool me four or more times shame on me!
God, schmod. I want my monkey man!
Anyway - maybe it's time to weave in copper mesh into the T-shirt of all datacenter employees to protect against tazers.
And notice from a comment to the article that any so called man trap doesn't exist - and the security seems to have been far too relaxed. Just a fine example of how not to do things. A good datacenter is located where almost nobody knows where it is - preferably underground in a nondescript location in the countryside. A set of optical fibers will take care of all the traffic. And very few persons shall have physical access to the hardware. Think about how the military handles their datacenters.
If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
Well, if they actually care enough to try to prevent these attacks, I can see three solutions, any of which should be highly effective:
Deadly force. If you are being robbed at gunpoint on a regular basis, your employees can legitimately say that they fear for their lives, and thus, purchasing of firearms is legally and morally justifiable. Perhaps a couple of guards posted at the entrance with semiautomatic rifles, plus three or four in appropriately concealed locations within the facility (or more if the facility is large enough). Criminals (armed or not) will think twice before attacking.
Electrical interference. Hook a 230 kV transmission line directly to the rebar in the walls. Anyone who tries to cut their way in will likely spontaneously combust, or at the very least, be knocked several meters. Such an attack won't happen twice.
Oxygen deprivation. You probably already have halon fire extinguishers. Assign everyone emergency oxygen masks and a red button remote. In the event of an attack, press the red button and put on your oxygen mask. Assuming you dump enough halon, it will bond with all the free oxygen in the room, incapacitating or killing the intruders in seconds. Assuming they survive, they should still be unconscious when the police arrive to arrest them.
Check out my sci-fi/humor trilogy at PatriotsBooks.
I've used them for years, and was an avid supporter of CI Host even while they were enduring constant negative publicity.. I was initially a client of their shared hosting, then upgraded to a dedicated hosting package, and never had an issue aside from the typical short downtime every now and then.. nothing crazy.. so a startup I was working with put a colocated server with them earlier this year and in around 6 months we endure an outage for numerous days, numerous BS excuses, then one day "Oh yeah by the way your server was actually stolen, and good luck finding the real thieves!" So now we come to find that this has happened 3-4 times in the past 2 years, the detective (and even a worker there I talked with) told me they believed it was an inside job. Obviously I am cancelling all of my accounts and taking my business elsewhere. I will proudly do my best to spread the word and tell EVERYONE I know to NEVER use CI Host for *ANYTHING*
Last November I had ALL my servers stolen there. Now over all the years I have had servers I have backed up data, upgraded servers, clean installed servers, etc., then that fateful day in November after being stonewalled for days I finally went over to the data center only to find ALL my servers stolen. All my data. Yea I had some offsite backups, etc, but .... stolen. I guess they thieves really liked my XServes. They were nice and shiny in a sea of beige and black.
Anyway, they gave me some free hosting after that, so, I said ok.. big mistake... about a month ago two of my three servers were stolen. Thankfully I had them a bit spread at the datacenter.
Well, can I sue? What can I do now? Same bs, promising me servers and nothing.
Last year I lost a lot of clients,,, granted all but two were mostly very small time hosting accounts. This time I now lost a big client even though I got them back up and running asap... get a server, install configure, read the files from the backup server, etc.
Anyway it was truly the worst feeling I have had in many a year.
It is definitely bs. And what do the Chicago PD do? Well your guess is as good as mine.. maybe they are out ticketing the thieves truck as their meter runs out.
Any lawyers out there that can help?
Mind | Body | Spirit | Cash
I actually had a server hosted in that very Chicago facility. (I actually got referred to it by clicking a "$75 a month colocation" advertisement link on slashdot)
The datacenter in question is in a terrible neighborhood, and I can't see anyone bothering a truck there in the dead of night.
There was no man trap, and no security of any sort, just a tech guy who let me in and opened the glass datacenter door for me.
I doubt they have a panic button of any sort either.
You disable the one guy on call and there would be no police coming, period.
I've actually been in this datacenter. Tried to host some boxes there for a while... and when I finally gave up on their shenanigans, I was not near Chicago, so I just abandoned them there (cheaper than shipping).
First, this datacenter is literally two blocks from what is left of the infamous Cabrini-Green projects. Tough neighborhood, so it's not entirely impossible that it is an outside cracked-up scheme.
There was none of the double-man-trap doors or whatever there. The one staffer was in the back playing a Playstation. The couple of customers in the center exchanged cell numbers, so we could call each other to get let back when we needed to use the toilet.
The Dallas billing people weren't any better. Worst... host... ever.
down at the pawn shop!
Seriously, cutting through a reinf. concrete wall is not trivial, if it was indeed just that. By code, the minimum thickness of a concrete wall is 6" and most used for loadbearing in anything but the cheapest residential construction are 8". You aren't cutting that with a reciprocating saw (aka Sawzall). Second, reinforced concrete walls are required (in order to be considered "reinforced" by code) to have steel bars equal to 0.0014 x wall area in both directions at a spacing no greater than 18". That typically works out to a 1/2" steel bar at 12" on center or a 5/8" steel bar at 16" o 18" on center both horizontally and vertically.
Now, this is a non-technical publication, so "reinforced" may mean anything - like a 1/2" bar at the top and bottom, and around jambs. Also, this is Chicago, known far and wide for severe corruption in the building inspection process.
Still, anything close to a RC wall is going to require a diamond blade and a gas powered saw for any kind of efficiency at all, and the cut rate is going to be measured in single-digit (or fractional) inches per minute. Most also require a water source for cooling. You'd have to be utterly incompetent not to catch these guys before they got in.
Is it just my observation, or are there way too many stupid people in the world?
No, one door to the left in the clutch room.
rj
Stronger walls, and maybe armed security guards. Heck, we have them up here in Canada and we don't have a tenth of the violent crime problems Chicago has.
-Billco, Fnarg.com
As a company that host spammers, and threatens lawsuits (cartoonies) against anti spammers, I can only hope the crooks stole the spam servers as well.
http://www.spamhaus.org/sbl/listings.lasso?isp=cihost.com
Lawyers, MBA's, RIAA? A jedi fears not these things!
I found these links to the report from a post on theregister.co.uk
Report 1 Page 1
Report 1 Page 2
Report 2 Page 1
Report 2 Page 2
Report 3 Page 1
Report 3 Page 2
The guy says that $50,000 worth of stuff was stolen...not only servers, but misc crap like routers, and battery chargers for Black Berry units.
I'd say either look for a new web host startup in the Chicago area in the next year, or a lot of stuff going cheap on Ebay.
The saddest part about this is that the crims clubbed and zapped some innocent guy that would have offered zero resistance. For this, I hope they thieves go to jail for a long time.
replaced the servers with an IBM BladeCenter.
I couldn't make this stuff up. They're advertising for a security guard,
"We are seeking motivated individuals" ... translation: work cheap.
"Prior security experience preferred." ... translation: not really a requirement, but if we can get it at no extra cost ...
"Some College is also preferred." ... if you managed to drop out of college instead of high school, you're more "presentable" to our insurers, who are now royally pissed at us ...
"Armed Hand-gun license/permit and ability to supply own weapon a Huge Plus! : translation: "we're cheap! You're desperate AND stupid! Let's talk!"