If you fuck up that badly you shouldn’t be allowed to operate in that industry.
Other people’s computers. Never forget.
Danish hosting firms CloudNordic and AzeroCloud have suffered ransomware attacks, causing the loss of the majority of customer data and forcing the hosting providers to shut down all systems, including websites, email, and customer sites.
Time and time again, data hosting providers are proving that local backups not connected to the internet are way better than storing in the cloud.
The 3-2-1 backup strategy: “Three copies are made of the data to be protected, the copies are stored on two different types of storage media and one copy of the data is sent off site.”
How would that work in practice? 1 medium offsite, and 2 mediums on-premises?
Any redundant backup strategy uses both. They both have inherent data loss risks. Local backups are great, but unless you store them in a bunker they are still at risk to fire, theft, vandalism and natural disasters. A good backup strategy stores copies in at least three locations. Local, off-site and the cloud. Off-site backups are backups you can physically retrieve. Like tapes stored in a vault in another city.
That’s what you call an epic blunder.
I think they’re aware of that
Martin Haslund Johansson, the director of Azerocloud and CloudNordic, stated that he does not expect customers to be left with them when the recovery is finally completed.
The customers are already lost:
-
pay the expensive ransom, if the bad actor gives them the decryption key, customers are relieved but still pissed, will take the data and move to somewhere else with a big FO. Go out of business.
-
don’t pay the ransom, customers are pissed and move to somewhere else with a big FO. Go out of business.