All your eggs in one basket == Cloud Disaster!

  • #61404
    Ed P
    Participant
      @edps
      Forumite Points: 39

      An article in Digital Camera World reports why you should never trust just one back-up location.

      Canon’s cloud platform has lost ALL the photos stored on it, and cannot ever get them back! The speculation is that Canon fell victim to a ransomware attack.

      #61409
      Wheels-Of-Fire
      Participant
        @grahamdearsley
        Forumite Points: 4

        Oh Dear ! Don’t you just hate it when things like that happen 😆

        And the == in the title reminds me of another thing I hate, the reuse of symbols in programming languages to mean different things. The use of * in C++ to mean at least 3 different things is especially annoying.

        #61411
        Dave Rice
        Participant
          @ricedg
          Forumite Points: 7

          Sounds like sloppy planning to me. First rule make sure it’s backed up!

          I suspect they worked on live data. In any event they had no backups which would have negated any Ransomware attack too.

          “Bleeping Computer was eventually able to get their hands on a partial screenshot of the alleged Canon ransom note” there is absolutely nothing to tie that to anyone, it’s just the generic text. In fact they could have typed it themselves in Notepad.

          10GB long term storage – 10GB? Do me a favour. Even 10TB seems light. One of my customers just bought a 14TB server for his small business.

          The “Message from the IT Service Center” doesn’t look like the sort of thing a Corporate IT Dept puts out. You most certainly would not put a Confirm Receipt button on it. What system is it using if everything is out? Neither does the internal message from the “Crisis Management Committee”. The internal server error message means nothing.

          Sounds like speculation and a deal of making up the evidence.

          #61414
          Ed P
          Participant
            @edps
            Forumite Points: 39

            “I suspect they worked on live data. In any event they had no OFFSITE backups which would have negated any Ransomware attack too.”

            Corrected – the so-called Maze interview suggests that they had sufficient time to locate and infect all on-site networked backups.

            #61421
            Dave Rice
            Participant
              @ricedg
              Forumite Points: 7

              That’s not really a backup then. Sloppy. They should have defences looking for this sort of activity too, it can be stopped before it does untold damage.

              Ransomware can have a pop at any of the businesses I look after, they won’t get anywhere besides being a temporary PITA if it even gets to activate. If I can do it on a shoestring then Canon have no excuses.

              #61423
              Ed P
              Participant
                @edps
                Forumite Points: 39

              +1 – no argument, I certainly would not like to be in any Canon IT position, but I’ll bet it was outsourced!

                #61471
                Ed P
                Participant
                  @edps
                  Forumite Points: 39

                  There is more on the tactics of the Maze group in this El Reg article.

                  #61475
                  Dave Rice
                  Participant
                    @ricedg
                    Forumite Points: 7

                    One of the comments that I totally agree with:

                    The fundamental problem is lack of robustness at the victim end. Ransomware (like any other attack that typically starts at the workstation) only gets to affect a corporation because it can spread internally. There are many controls that can in principle contribute to restricting its spread, but they’re just not usually implemented.

                    Most corporate networks are wide open: a hard-ish shell full of holes surrounding an ultra-soft centre.

                    Sometimes there isn’t a great deal you can do about that, especially in a smaller business, but that’s where unlinked backups come in. Synology makes unlinking backups easy and having linked (live) data protected by a versioning system. Encrypt a file? Go back to the last version. Too many? Restore last night’s local backup. They (somehow) got that too? Restore last night’s offsite backup and pick out any urgent files / folders to any PC anywhere via a browser.

                    I also use AV designed for small businesses, not home products. Even McAfee have got their act together, but BitDefender is my favourite.

                    #61510
                    Ed P
                    Participant
                      @edps
                      Forumite Points: 39

                      Programmers seem to have it in for photographers as Adobe Lightroom has also wiped photos with no way of recovering them. link

                      #61512
                      Dave Rice
                      Participant
                        @ricedg
                        Forumite Points: 7

                        Bloody Adobe! Prime example of a near monopoly player in action. Did they not test it?

                        Synology are really pushing at Pro Snappers as BTRFS being self healing protects against bit-rot. Backup to an external drive or another Synology is easy and there’s a cheap offsite cloud backup service available. Modern HDDs are huge, a 2 bay would do most people these days never mind a 4 or 6.

                        You can also create shareable albums and use it as a download portal by giving customers a protected personal URL to their folder. This can be restricted to X number of downloads and / or a date range. A surveyor I support does just this and it’s saved them a fortune in email costs (no more huge attachments in the archive). “Here’s the link to your survey, you have 30 days to download it and you can do this twice.”

                        #61541
                        Tippon
                        Participant
                          @tippon
                          Forumite Points: 0

                          Backup to an external drive or another Synology is easy and there’s a cheap offsite cloud backup service available

                          Do you know of any decent guides? I think I’ve got it all sorted, but I don’t want to test it like these guys :wacko:

                          #61546
                          Dave Rice
                          Participant
                            @ricedg
                            Forumite Points: 7

                            Synology’s C2 service is just another destination in a Hyper Backup task. You need to create a C2 account first, there’s a 30 day free trial.

                            Hyper Backup guide here, video guide here that uses C2 as an example. It’s all pretty straightforward but explains the various options, like smart versioning.

                            #61562
                            Drezha
                            Participant
                              @drezha
                              Forumite Points: 0

                              I am impressed with the offsite backup feature – I set one up a few years ago for my wife’s family after they were hit with ransomware. Set up Synology Sync (whatever the one prior to Drive was called) to sync to the NAS and then set the NAS to use mine as an offsite backup. Now, I just have Hyper Backup send to my 300GB of Synology C2.

                              "Everything looks interesting until you do it. Then you find it’s just another job" - Terry Pratchett

                              #61570
                              Dave Rice
                              Participant
                                @ricedg
                                Forumite Points: 7

                                I have a 2TB pool for my customers (which I charge for). Going 1TB+ opens up hourly backups (no-one really needs that atm), deduplication and a customizable retention policy. Their first backups can take days but after that the average is <10 minutes, the surveyor with 100+ photos per survey often comes in near 20 but never more. Even the Legion which only has ADSL use it.

                                With servers currently in empty buildings or vulnerable at home it’s a comfort to know the backups are there and easily restored. Not sure what will happen if there’s no Brexit deal as the data centre is in Frankfurt, but we’ll cross that bridge when we have to.

                                #61579
                                Tippon
                                Participant
                                  @tippon
                                  Forumite Points: 0

                                  Synology’s C2 service is just another destination in a Hyper Backup task. You need to create a C2 account first, there’s a 30 day free trial. Hyper Backup guide here, video guide here that uses C2 as an example. It’s all pretty straightforward but explains the various options, like smart versioning.

                                  Thanks Dave :good:

                                  Sorry I’m a bit slow replying. I jinxed myself this time. I realised last night that after a rearrange in the office, I hadn’t turned the Synology back on. I turned it on and it beeped like crazy for ages while I was trying to log in. One of the hard drives has started to fail 😥

                                  After a few hours of moving files around I managed to get the most important stuff onto the external drive too, and am now just waiting for the replacement drive to arrive, hopefully on Monday.

                                  I’m tempted to format the lot and start again, but making sure that I definitely do it properly this time.

                                  #61582
                                  Dave Rice
                                  Participant
                                    @ricedg
                                    Forumite Points: 7

                                    If you’re sure the data is OK then that sounds like a plan. When you put the drive in it will start to rebuild the array, the easiest thing to do is a hard factory reset.

                                    Get a paper clip or a SIM card removal tool and hold down the reset button for about five seconds—until you hear a beep. Then let go immediately. Right after that, hold down the reset button again for five seconds until you hear another beep. Let go immediately after that.

                                    Your NAS will beep a couple more times, and then the NAS drive will reboot. After a couple of minutes, the status light will blink orange. DSM is now ready to be reinstalled.

                                    To do the reinstall, in a browser type http://find.quickconnect.to/. If it can’t find it, download the Synology Assistant from the Desktop Utilities in the Download Center.

                                    Just shout if you need any help, always happy to pass on my knowledge of these boxes.
