Hi all,

As self-hosting is not just “home-hosting” I guess this post should also be on-topic here.

Beginning of the year, bleeping-computers published an interesting post on the biggest cybersecurity stories of 2023.

Item 13 is an interesing one. (see URL of this post). Summary in short A Danish cloud-provider gets hit by a ransomware attack, encrypting not only the clients data, but also the backups.

For a user, this means that a senario where, not only your VM becomes unusable (virtual disk-storage is encrypted), but also the daily backups you made to the cloud-provider S3-storage is useless, might be not as far-fetches then what your think.

So … conclussion ??? If you have VMs at a cloud-provider and do daily backups, it might be usefull to actually get your storage for these backups from a different provider then the one where your house your VMs.

Anybody any ideas or remarks on this?

(*) https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2023/

  • kristoff@infosec.pubOP
    link
    fedilink
    English
    arrow-up
    5
    ·
    10 months ago

    Well, the issue here is that your backup may be physically in a different location (which you can ask to host your S3 backup storage in a different datacenter then the VMs), if the servers themselfs on which the service (VMs or S3) is hosted is managed by the same technical entity, then a ransomware attack on that company can affect both services.

    So, get S3 storage for your backups from a completely different company?

    I just wonder to what degree this will impact the bandwidth-usage of your VM if -say- you do a complete backup of your every day to a host that will be comsidered as “of-premises”

    • originalucifer@moist.catsweat.com
      link
      fedilink
      arrow-up
      4
      arrow-down
      1
      ·
      10 months ago

      yeah, you can use another cloud provider as backup… if you do it correctly.

      personally, my disaster recovery plans dont include entire offsite VMs. i only care about data in a dr situation. so you send incremental daily backups offsite.

      containers have made VMs even more irrelevant/ephemeral so focus on the data.

    • ErwinLottemann@feddit.de
      link
      fedilink
      English
      arrow-up
      2
      ·
      10 months ago

      if you backup your vm data to the same provider as you run your vm on you don’t have an ‘off-site’-backup, which is one criteria of the 3-2-1 backup rule.