How To Prevent Being Hacked Via Backups?
Popsikle writes “A few days ago one of the Web’s largest hosting discussion forums was supposedly hacked via their backup servers. From the story: ‘We’ve since learned that this very deliberate, sophisticated and calculated hack against Web Hosting Talk was carried out by gaining access to our offsite backup servers. From our backup servers, the hacker gained access to the WHT db server. The malicious attacker deleted all backups from the backup servers within the infrastructure before deleting tables from our db server. We were alerted of the db exploitation and quickly shut down the site to prevent further damage.’ What sort of security do you put on your backup infrastructure? Looking at your backup solution could you be completely taken down by either someone obtaining a backup or accessing your backup servers? What sort of recommendations does everyone have for this not to happen?”
Read more of this story at Slashdot.
