Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.

Yea… Don’t bother. But, do expect to hear from my lawyers…

CloudNordic said that it “had no knowledge that there was an infection.” CloudNordic and Azero are owned by Denmark-registered Certiqa Holding, which also owns Netquest, a provider of threat intelligence for telcos and governments.

Edit-

https://www.cloudnordic.com/

  • FredericChopin_@feddit.uk
    link
    fedilink
    English
    arrow-up
    56
    ·
    1 year ago

    I couldn’t help but laugh when the article mentions the parent company that does threat intelligence. I think those governments might want to look elsewhere.

  • beaubbe@lemmy.world
    link
    fedilink
    English
    arrow-up
    29
    ·
    1 year ago

    Crazy that an admin had full access to all files on all drives including backups without requiring any kind of elevation, where a ransomware could encrypt it all.

    At this point 8 don’t even know if paying would be the way to go to at lease rexover the files and rethink their security from the ground-up.

    • HTTP_404_NotFound@lemmyonline.comOP
      link
      fedilink
      English
      arrow-up
      15
      ·
      1 year ago

      rethink their security from the ground-up.

      After reading the post, I don’t think they did any thinking at all for their security… or redundancies, access controls… etc…

      • On@kbin.social
        link
        fedilink
        arrow-up
        19
        arrow-down
        2
        ·
        edit-2
        1 year ago

        CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data

        They did. They were affected too, if you read the article.

  • demonsword@lemmy.world
    link
    fedilink
    English
    arrow-up
    20
    ·
    1 year ago

    Danish cloud host says customers ‘lost all data’ after ransomware attack

    I’d hazard that that Danish cloud host probably lost all customers after that happened too

    • HTTP_404_NotFound@lemmyonline.comOP
      link
      fedilink
      English
      arrow-up
      24
      ·
      1 year ago

      If, I were a customer- I would be leaving for sure.

      When- you pay a cloud vendor, you are generally paying to ensure a few things…

      1. That this stuff doesn’t happen.
      2. That when this type of stuff does happen, they have a recovery plan / working backups.

      And, when this hit the news, and I discovered they are owned by a company with a stake in cyber-security, I’d be jumping to a replacement pretty quickly… and staying far away from this company.

    • HTTP_404_NotFound@lemmyonline.comOP
      link
      fedilink
      English
      arrow-up
      18
      ·
      1 year ago

      safest encrypted cloud service these days

      None. Use your own encryption keys, and pre-encrypt your data.

      If the cloud provider I use for storing my backups got pwned, the attacker would gain access to… well, nothing, without my private keys. And- if you follow the 3.2.1. rule, you would lose nothing, because you have at least two other copies.

  • OfficerBribe@lemm.ee
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Ouch, cannot imagine what everyone, who are involved in this, are thinking. Wonder how many customers they had and how many will go broke.

  • Campa@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    Keeping data in one place would only result in misuse of data and data leaks.

    • KairuByte@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      1 year ago

      Seed boxes are inherently handling replaceable data, bar unpopular torrents. This is such a silly comparison.