How To Prevent Being Hacked Via Backups?
Popsikle writes "A few days ago one of the Web's largest hosting discussion forums was supposedly hacked via their backup servers. From the story: 'We've since learned that this very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.' What sort of security do you put on your backup infrastructure? Looking at your backup solution could you be completely taken down by either someone obtaining a backup or accessing your backup servers? What sort of recommendations does everyone have for this not to happen?"
Offline and offsite storage (e.g. Iron Mountain) is a simple (though sometimes costly) way of doing things. It'll solve this problem quite easily.
"Omnis tuus capsa sunt inesse nos"
Take a lesson from Ghost in the Shell, hire digital Tachikoma to protect you :) Problem solved!
"I Don't Have Enough Faith to be an Atheist"
>>What sort of security do you put on your backup infrastructure?
It depends.
I guess it depends on how valuable the data is and how current it needs to be. Does it need to be kept secret, or simply kept uncorrupted? How fast do you need to access these backups? The harder it is for you, potentially the more secure.
For starters, let's have a copy off-line in a location where the servers are not. Heck, choose another location for more security. I am thinking: a tape and a DVD in a safe with a lock on it. And another somewhere else.
If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.
Encrypt your backups.
Don't let your backup system have access to your main system.
Allow your main system write-only access to your backup system, for the sole purpose of delivering new backups.
1) divide your eggs in at least two baskets, thoughtfully designed to protect their integrity
2) keep your baskets in physically isolated locations
3) take steps to protect your eggs from theft
4) after retrieving your eggs, inspect them for tampering before using them in your souffle
5) purchase insurance for the off chance you get yolk on your face
Never ascribe to malice what can be adequately attributed to ignorance. -Napoleon
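The push-only, inspect-before-restore design in the two comments above, as an added example that is not from the original thread or from WHT: the primary host seals each backup with an HMAC key that stays with it (or in the safe) and is never copied to the backup host; the backup host exposes only a store that can create files but never overwrite or delete them; and a restore verifies the tag before trusting a byte. Everything here (the DropBox class, seal/unseal, the sample dump text, the key value, the file name) is constructed for illustration. The tag gives integrity, not secrecy, so in practice encrypt the payload (gpg or an AEAD cipher) before sealing it.

```python
import hashlib
import hmac
import os
import tempfile

TAG_LEN = 32  # bytes in an HMAC-SHA256 tag


def seal(key: bytes, payload: bytes) -> bytes:
    """Primary-host side: append an HMAC-SHA256 tag over the backup.

    The key never leaves the primary host (or the safe), so a compromised
    backup host holds nothing it could use to forge a valid tag.
    Integrity only: encrypt the payload first if it must also stay secret.
    """
    return payload + hmac.new(key, payload, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    """Restore side: verify the tag before trusting the data.

    Raises ValueError if the stored copy was modified or truncated.
    """
    if len(blob) < TAG_LEN:
        raise ValueError("blob too short to carry a tag")
    payload, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time compare
        raise ValueError("backup failed integrity check; refusing to restore")
    return payload


class DropBox:
    """Backup-host side: a push-only store (hypothetical, for illustration).

    The only operations offered to the primary are push() and fetch();
    there is deliberately no delete and no overwrite.  O_EXCL makes a
    second push under an existing name fail in the kernel, and mode 0o400
    leaves the file read-only even for the service account that wrote it.
    """

    def __init__(self, root: str):
        self.root = root
        os.makedirs(root, exist_ok=True)

    def push(self, name: str, blob: bytes) -> str:
        # Reject anything that could escape the drop directory.
        if name != os.path.basename(name) or name in ("", ".", ".."):
            raise ValueError("refusing unsafe backup name: %r" % name)
        path = os.path.join(self.root, name)
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o400)
        with os.fdopen(fd, "wb") as f:
            f.write(blob)
        return path

    def fetch(self, name: str) -> bytes:
        with open(os.path.join(self.root, name), "rb") as f:
            return f.read()


def demo(key: bytes = b"hypothetical-key-kept-in-the-safe", root: str = None) -> dict:
    """Walk through push, blocked overwrite, clean restore and tamper detection."""
    root = root or tempfile.mkdtemp(prefix="backup-dropbox-")
    box = DropBox(root)
    name = "db-2009-03-22.sql"  # constructed file name
    payload = b"-- constructed sample dump\nCREATE TABLE posts (id INT);\n"
    box.push(name, seal(key, payload))
    results = {}

    # A compromised primary (or a buggy job) cannot clobber an earlier backup.
    try:
        box.push(name, b"garbage")
        results["overwrite_blocked"] = False
    except FileExistsError:
        results["overwrite_blocked"] = True

    # An untouched copy restores cleanly.
    results["clean_restore_ok"] = unseal(key, box.fetch(name)) == payload

    # Simulate an attacker on the backup host editing the stored copy
    # (done in memory here; with root they could edit the file itself).
    tampered = bytearray(box.fetch(name))
    tampered[20] ^= 0x01
    try:
        unseal(key, bytes(tampered))
        results["tamper_detected"] = False
    except ValueError:
        results["tamper_detected"] = True

    # A truncated copy (partial delete) is caught as well.
    try:
        unseal(key, box.fetch(name)[:10])
        results["truncation_detected"] = False
    except ValueError:
        results["truncation_detected"] = True
    return results


if __name__ == "__main__":
    for check, ok in demo().items():
        print("%-20s %s" % (check, "PASS" if ok else "FAIL"))
```

Note what this does and does not buy you: the tag lets the restore side detect a modified or truncated backup, and the O_EXCL store stops the primary (or anyone who has taken it over) from overwriting earlier copies through the service; neither stops an attacker with root on the backup host from deleting files outright, which is why the other comments still want a second basket offline and offsite.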
accessible in the first place? Somebody in IT was not doing their job.
>>If you really need to keep it safe, commit it all to memory and then shoot yourself in the temple.
Hey, the guy might NOT be Jewish.
Did you consider that?
--
"It is now safe to switch off your computer."
There was a very blatant oversight and an unfortunate assumption on the part of WHT and iNET Interactive.
They quite obviously overlooked the fact that the WHT servers (and ONLY the WHT servers) would ever need routine access to the backup servers. Therefore it was an obvious security hole that could have been plugged by restricting traffic through iptables to only iNET-affiliated IPs. Any teleworkers who needed access should simply use a VPN to iNet's offices if they really need access to the backup systems. If under some extreme circumstance (such as the loss of a database) an outside party needs access to the backup servers, the system admin can then add an exception under iptables.
And on that note, the other incredibly thoughtless assumption was that any traffic coming from the backup servers would be approved traffic. So once the attacker gained access to the backup servers, the database servers were one insecure hop away.
I think this proves the following very important points to the entire IT industry:
1) Internal infrastructure should remain just that - internal! Restrictions should always be put in place as to who can (or can't) access a system.
2) No traffic can be guaranteed authorized or authentic. It's one thing to add an SSH keyfile to your home servers, but in an enterprise environment everything must be highly scrutinized. It's no longer a matter of protecting systems from users - it's now a matter of protecting systems from other systems as well.
I was personally affected by the loss of information at WHT and while it's annoying, it's a fact of life and can't be undone. All that's left now is to pick up the pieces, secure the site as best they can and move on with lessons learned.
Well done, sir. Either way, it'd be a horrible way to parish.
I think you need to altar your attitude.
Ahh - My eye!
The doctor said I'm not supposed to get Slashdot in it!