A big story from a few months back was the fall of Code Spaces, a code hosting service, that was destroyed after criminals gained access to the AWS control panel and threatened to destroy their data if Code Spaces would not pay. Code Spaces declined and attempted to get their service back, at which point the extortionists started deleting data AND backups, which is what makes this attack so scary compared to so many others. Of course, now that Code Spaces has been destroyed, all the rest of us can do is take notes and set precautions so that the same fate cannot befall other companies.
The biggest flaw that Code Spaces enacted was having everything accessible from a single pane of glass or location- the AWS dashboard. Since infrastructure and backups were accessible from one location, the criminals were able to deliver the deathblow that that befell Code Spaces. This can be avoided by having multiple forms of backups in addition to any snapshots that you may utilize. In the case of vnCloud, for example, we offer the snapshots located in the control panel as well as a second backup service. If you were to only use the snapshot service, then the same fate could strike your company if your credentials were lost or hacked - for vnCloud. However, by using both our dedicated backup solution as well as vnCloud snapshots, you have two sets of tools to access in case a breach occurs. If you can implement any other backup policies, you will be that much better off. Our dedicated recovery solution is capable of restoring at the file level or as a complete bare metal recovery, so regardless of the damage, the dedicated solution will be able to help you get back on your feet.
The next concern is how to protect access to your online access - if you utilize the same username and password for all of your logins, you will have a serious problem if someone finds that information. You will also want to include a strong password policy including characters and symbols, and ideally the longer the better. There is no need to make your password an essay (most login tools wouldn't allow that anyways) but you absolutely need to build a strong, solid password that you can change when needed. If possible, consider utilizing two-factor authentication as well - it isn't as convenient as simply being automatically logged in all the time, but it does add an extra layer of defense.
Again, it must be emphasized that while this attack was unfortunate, and the results devastating, it was preventable, and in no way is representative of working with the Cloud as a whole. Had Code Spaces utilized only a single physical server that the extortionist had managed to get a hold of in their office location, they could have remotely wiped the hard drives thanks to their root access, resulting in the same result; a dead company. The flaw here is that there was no plan B or plan C in the event of a failure or attack, which is key for any business continuity plan. That is why my organization,
Vault Networks, offers two separate backup services that by the very nature of how they work cannot be accessed within the same panel. If you can supplement that with local backups or any additional backups, that is even better. A business continuity plan is a form of insurance for your business, and if you don’t have multiple steps in place, unfortunately bad things can happen.
Alejandro
