Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.

Yea… Don’t bother. But, do expect to hear from my lawyers…

CloudNordic said that it “had no knowledge that there was an infection.” CloudNordic and Azero are owned by Denmark-registered Certiqa Holding, which also owns Netquest, a provider of threat intelligence for telcos and governments.

Edit-

https://www.cloudnordic.com/

  • FredericChopin_@feddit.uk
    link
    fedilink
    English
    arrow-up
    39
    ·
    1 year ago

    I couldn’t help but laugh when the article mentions the parent company that does threat intelligence. I think those governments might want to look elsewhere.

    • HellAwaits@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      arrow-down
      2
      ·
      1 year ago

      Ransomware attacks aren’t new. Although, I find it weird that a cloud host doesn’t have backups.

      • On@kbin.social
        link
        fedilink
        arrow-up
        8
        arrow-down
        2
        ·
        1 year ago

        CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data

        They did. They were affected too, if you read the article.

        • exi@feddit.de
          link
          fedilink
          English
          arrow-up
          5
          arrow-down
          1
          ·
          1 year ago

          If your backups are online and not in a warehouse, you are doing it wrong. Even my own personal backups are on disconnected disks. What a bunch of amateurs.

          • GenEcon@lemm.ee
            link
            fedilink
            English
            arrow-up
            1
            arrow-down
            1
            ·
            1 year ago

            If you don’t know you are infected and you’ve been infected for a couple months, your backups are worthless.

            • exi@feddit.de
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              1
              ·
              edit-2
              1 year ago

              That’s why you do regular restore tests on separate systems. That should be standard procedure for any company. A fully encrypted disk should be noticable immediately.

  • Jeena@jemmy.jeena.net
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    Hm, so I can’t rely on the Hetzner backup and should backup manually to a hard drive at home at least every now and then.

    • r00ty@kbin.life
      link
      fedilink
      arrow-up
      5
      ·
      1 year ago

      The fire ovh had created this problem for many. Some people’s backups were in that data centre and they lost everything.

      Yes, home backup and or cloud backup with a separate provider.

    • HTTP_404_NotFound@lemmyonline.comOP
      link
      fedilink
      English
      arrow-up
      12
      ·
      1 year ago

      safest encrypted cloud service these days

      None. Use your own encryption keys, and pre-encrypt your data.

      If the cloud provider I use for storing my backups got pwned, the attacker would gain access to… well, nothing, without my private keys. And- if you follow the 3.2.1. rule, you would lose nothing, because you have at least two other copies.

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    This is the best summary I could come up with:


    Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its datacenter systems, including its backups.

    In a notice on its website translated from Danish, CloudNordic said: “The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data.”

    The cloud host said that it believes the hackers had access to the company’s administrative systems “from which they could encrypt entire disks.”

    It’s not clear how the ransomware attack began, but the company said that the attack happened — or was at least exacerbated — by moving infected systems from one datacenter to another datacenter that was “unfortunately wired to access our internal network that is used to manage all of our servers.” CloudNordic said that it “had no knowledge that there was an infection.”

    At the time of writing, no ransomware group has appeared to publicly acknowledge or take credit for the cyberattack.

    Both CloudNordic and Azero said that they were working to rebuild customers’ web and email systems from scratch, albeit without their data.


    The original article contains 432 words, the summary contains 192 words. Saved 56%. I’m a bot and I’m open source!

  • OfficerBribe@lemm.ee
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    Ouch, cannot imagine what everyone, who are involved in this, are thinking. Wonder how many customers they had and how many will go broke.

  • cholesterol@lemmy.wtf
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    If you’ve ever heard of ‘Chili Klaus’ (maybe from Hot Ones), his entire website is completely gone.

    • KairuByte@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      1 year ago

      Seed boxes are inherently handling replaceable data, bar unpopular torrents. This is such a silly comparison.