Forumite

All your eggs in one basket == Cloud Disaster!

  • Creator
    Topic
  • #61404
    Participant
    Ed P
    @edps

    An article in Digital Camera World reports why you should never trust just one back-up location.

    Canon’s cloud platform has lost ALL the photos stored on it, and cannot ever get them back! The speculation is that Canon fell victim to a ransomeware attack.

Viewing 15 replies - 1 through 15 (of 15 total)
  • Author
    Replies
  • #61409
    Participant
    Wheels-Of-Fire
    @grahamdearsley
    Forumite Points: 6,312

    Oh Dear ! Don’t you just hate it when things like that happen 😆

    And the == in the title reminds me of another thing I hate, the reuse of symbols in programming languages to mean different things. The use of * in C++ to mean at least 3 different things is especially annoying.

    #61411
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    Sounds like sloppy planning to me. First rule make sure it’s backed up!

    I suspect they  worked on live data. In any event they had no backups which would have negated any Ransomware attack too.

    Bleeping Computer was eventually able to get their hands on a partial screenshot of the alleged Canon ransom note” there is absolutely nothing to tie that to anyone, it’s just the generic text. In fact they could have typed it themselves in Notepad.

    10GB long term storage – 10GB? Do me a favour. Even 10TB seems light. One of my customers just bought a 14TB server for his small business.

    The “Message from the IT Service Center” doesn’t look like the sort of thing a Corporate IT Dept puts out. You most certainly would not put a Confirm Receipt button on it. What system is it using if everything is out? Neither does the internal message from the “Crisis Management Committee”. The internal server error message means nothing.

    Sounds like speculation and a deal of making up the evidence.

    • This reply was modified 3 months, 2 weeks ago by Dave Rice.
    #61414
    Participant
    Ed P
    @edps
    Forumite Points: 16,928

    “I suspect they worked on live data. In any event they had no OFFSITE backups which would have negated any Ransomware attack too.”

    Corrected – the so-called Maze interview suggests that they had sufficient time to locate and infect all on-site networked backups.

    #61421
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    That’s not really a backup then. Sloppy. They should have defences looking for this sort of activity too, it can be stopped before it does untold damage.

    Ransomware can have a pop at any of the businesses I look after, they won’t get anywhere besides being a temporary PITA if it even gets to activate. If I can do it on a shoestring then Canon have no excuses.

    #61423
    Participant
    Ed P
    @edps
    Forumite Points: 16,928

    +1 – no argument,  I certainly would not like to be in any Canon IT position, but I’ll bet it was outsourced!

    • This reply was modified 3 months, 2 weeks ago by Ed P.
    #61471
    Participant
    Ed P
    @edps
    Forumite Points: 16,928

    There is more on the tactics of the Maze group in this El Reg article.

    #61475
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    One of the comments that I totally agree with:

    The fundamental problem is lack of robustness at the victim end. Ransomware (like any other attack that typically starts at the workstation) only gets to affect a corporation because it can spread internally. There are many controls that can in principle contribute to restricting its spread, but they’re just not usually implemented.

    Most corporate networks are wide open: a hard-ish shell full of holes surrounding an ultra- soft centre.

    Sometimes there isn’t a great deal you can do about that, especially in a smaller business, but that’s where unlinked backups come in. Synology makes unlinking backups easy and having linked (live) data protected by a versioning system. Encrypt a file? Go back to the last version. Too many? Restore last nights local backup. They (somehow) got that too? Restore last nights offsite backup and pick out any urgent files / folders to any PC anywhere via a browser.

    I also use AV designed for small businesses, not home products. Even McAfee have got their act together, but BitDefender is my favourite.

    #61510
    Participant
    Ed P
    @edps
    Forumite Points: 16,928

    Programmers seem to have it in for photographers as Adobe Lightroom has also wiped photos with no way of recovering them. link

    #61512
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    Bloody Adobe! Prime example of a near monopoly player in action. Did they not test it?

    Synology are really pushing at Pro Snappers as BTRFS being self healing protects against bit-rot. Backup to an external drive or another Synology is easy and there’s a cheap offsite cloud backup service available. Modern HDDs are huge, a  2 bay would do most people these days never mind a 4 or 6.

    You can also create shareable albums and use it as a download portal by giving customers a protected personal url to their folder. This can be restrict to X number of downloads and / or a date range. A surveyor I support does just this and it’s saved them a fortune in email costs (no more huge attachments in the archive). “Here’s the link to your survey, you have 30 days to download it and you can do this twice.”

    #61541
    Participant
    Tippon
    @tippon
    Forumite Points: 4,139

    Backup to an external drive or another Synology is easy and there’s a cheap offsite cloud backup service available

    Do you know of any decent guides? I think I’ve got it all sorted, but I don’t want to test it like these guys :wacko:

    #61546
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    Synology’s C2 service is just another destination in a Hyper Backup task. You need to create a C2 account first, there’s a 30 day free trial.

    Hyper Backup guide here, video guide here that uses C2 as an example. It’s all pretty straightforward but explains the various options, like smart versioning.

    #61562
    Participant
    Drezha
    @drezha
    Forumite Points: 3,136

    I am impressed with the offsite backup feature – I set one up a few years ago for my wife’s family after they were hit with ransomware. Set up Synology Sync (whatever the one prior to Drive was called) to sync to the NAS and then set the NAS to use mine as an offisite backup. Now, I just have hyper backup send to my 300GB of Synolgoy C2.

    #61570
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    I have a 2TB pool for my customers (which I charge for). Going 1TB+ opens up hourly backups (no-one really needs that atm), deduplication and a customizable retention policy. Their first backups can take days but after that the average is <10 minutes, the surveyor with 100+ photos per survey often comes in near 20 but never more. Even the Legion which only has ADSL use it.

    With servers currently in empty buildings or vulnerable at home it’s a comfort to know the backups are there and easily restored. Not sure what will happen if there’s no Brexit deal as the data centre is in Frankfurt, but we’ll cross that bridge when we have to.

    #61579
    Participant
    Tippon
    @tippon
    Forumite Points: 4,139

    Synology’s C2 service is just another destination in a Hyper Backup task. You need to create a C2 account first, there’s a 30 day free trial. Hyper Backup guide here, video guide here that uses C2 as an example. It’s all pretty straightforward but explains the various options, like smart versioning.

    Thanks Dave :good:

    Sorry I’m a bit slow replying. I jinxed myself this time. I realised last night that after a rearrange in the office, I hadn’t turned the Synology back on. I turned it on and it beeped like crazy for ages while I was trying to log in. One of the hard drives has started to fail :cry:

    After a few hours of moving files around I managed to get the most important stuff onto the external drive too, and am now just waiting for the replacement drive to arrive, hopefully on Monday.

    I’m tempted to format the lot and start again, but making sure that I definitely do it properly this time.

    #61582
    Participant
    Dave Rice
    @ricedg
    Forumite Points: 9,540

    If you’re sure the data is OK then that sounds like a plan. When you put the drive in it will start to rebuild the array, the easiest thing to do is a hard factory reset.

    Get a paper clip or a SIM card removal tool and hold down the reset button for about five seconds—until you hear a beep. Then let go immediately. Right after that, hold down the reset button again for five seconds until you hear another beep. Let go immediately after that.

    Your NAS will beep a couple more times, and then the NAS drive will reboot. After a couple of minutes, the status light will blink orange. DSM is now ready to be reinstalled.

    To do the reinstall in a browser type http://find.quickconnect.to/ If it can’t find it download the Synology Assistant from the Desktop Utilities in the Download Center.

    Just shout if you need any help, always happy to pass on my knowledge of these boxes.

Viewing 15 replies - 1 through 15 (of 15 total)
  • You must be logged in to reply to this topic.