Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.
Yea… Don’t bother. But, do expect to hear from my lawyers…
CloudNordic said that it “had no knowledge that there was an infection.” CloudNordic and Azero are owned by Denmark-registered Certiqa Holding, which also owns Netquest, a provider of threat intelligence for telcos and governments.
Edit-
I couldn’t help but laugh when the article mentions the parent company that does threat intelligence. I think those governments might want to look elsewhere.
yea, that was my thoughts as well… Lol, I wouldn’t touch them with a 10 foot pole.
Crazy that an admin had full access to all files on all drives including backups without requiring any kind of elevation, where a ransomware could encrypt it all.
At this point 8 don’t even know if paying would be the way to go to at lease rexover the files and rethink their security from the ground-up.
rethink their security from the ground-up.
After reading the post, I don’t think they did any thinking at all for their security… or redundancies, access controls… etc…
How do you fuck up this badly in 2023? I can see this happening in 1999.
deleted by creator
CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data
They did. They were affected too, if you read the article.
They should have stored a backup in the cloud, I hear it’s very safe there.
Danish cloud host says customers ‘lost all data’ after ransomware attack
I’d hazard that that Danish cloud host probably lost all customers after that happened too
If, I were a customer- I would be leaving for sure.
When- you pay a cloud vendor, you are generally paying to ensure a few things…
- That this stuff doesn’t happen.
- That when this type of stuff does happen, they have a recovery plan / working backups.
And, when this hit the news, and I discovered they are owned by a company with a stake in cyber-security, I’d be jumping to a replacement pretty quickly… and staying far away from this company.
So what is the safest encrypted cloud service these days?
safest encrypted cloud service these days
None. Use your own encryption keys, and pre-encrypt your data.
If the cloud provider I use for storing my backups got pwned, the attacker would gain access to… well, nothing, without my private keys. And- if you follow the 3.2.1. rule, you would lose nothing, because you have at least two other copies.
Thanks. What program do you use to easily encrypt before uploading?
Duplicacy has worked well for me
This is the solution I use as well.
Although, rclone is also a viable solution.
Ouch, cannot imagine what everyone, who are involved in this, are thinking. Wonder how many customers they had and how many will go broke.
I might venture a guess how many customers they will have after this…
Keeping data in one place would only result in misuse of data and data leaks.
deleted by creator
Seed boxes are inherently handling replaceable data, bar unpopular torrents. This is such a silly comparison.
