 |
| |
|
|
|
|
|
|
|
|
4,800 websites evaporate following hack at Distribute IT |
|
Posted 23/06/2011 12:05:00 PM by David Loughry
|
Over the past few days there have been a number of articles in the press regarding 4,800 Australian websites evaporating after a system hack at Distribute IT. An SMH article regarding this event can be found at: http://www.smh.com.au/technology/security/4800-aussie-sites-evaporate-after-hack-20110621-1gd1h.html
When backups are implemented, there are two types of failures being protected against:
- A hard disk failure - either as a consequence of standard usage or an external environmental issue, for example, power spike, fire, flood etc.
- A software level corruption/deletion of data - either by a bug in a software program or a deliberate hack (it was a deliberate hack that was the cause of the problem in the Distribute IT case)
At Innessco, we use PPS Internet to host the servers and websites. All of PPS Internet servers are located at Global Switch Data Centre, Ultimo. This data centre is of the highest quality and includes:
- redundant power supplies including on-site diesel tanks;
- environment control systems with temperature maintained at 22°C and humidity at 50%;
- fire detection and suppression systems;physical security controlled via proximity card readers and CCTV;
- clients such as the Australian Tax Office, Defence and NBN Co.
Using Global Switch helps us mitigate against some of the environmental risks associated with running and operating a server.
With respect to backups, PPS Internet completes an onsite daily backup of each server to a local disk array. On a weekly basis, this backup is taken offsite and kept for 4 weeks in a drawer - the offsite backup is not connected to the internet in any way. The effect of this backup strategy is:
- If we have an isolated failure of a disk within a system, we have an onsite backup from the previous night to restore to.
- If an environmental issue destroys multiple/all of PPS Internets servers, then we have a backup from the previous Friday to recover from. The risk of this event occurring is considered extremely low due to the technology and security controlling the building.
- If data is lost due to a software corruption or hack, then we have a number of backups that we can depend on. Firstly, there is the onsite backup from the previous night. But this might be corrupted as well. In that case, we have at least 3 backups from the 3 previous Fridays.
In the case of Distribute IT, it appears that a hacker has not only broken into their systems and deliberately destroyed data on their servers, they have also been able to get to the backup server and destroy data on that as well. Given that Distribute IT has not been able to perform a recovery to any point in time, it seems reasonable to deduce Distribute IT has not held a backup copy that is disconnected from the internet, something similar to the way that PPS Internet stores their offsite backup.
If you have any questions, please do not hesitate to call either Robert Cox on (02) 8011 0669 or David Loughry on (02) 8011 0667.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|