Welcome to the SecAware blog

I spy with my beady eye ...

5 Aug 2011

Hard lessons

Distribute.IT, an ISP that suffered a devastating hacker attack on June 11th, was attempting disaster recovery by June 13th, was in serious trouble by June 17th, and finally admitted defeat with the complete loss of several important customer-facing servers by June 21st, just ten days after the hack.  Some 4,800 domains and customer accounts were lost, with (it appears) no offsite data backups from which they might have been restored.

With 20/20 hindsight, someone in Distribute.IT's management presumably made some extremely unwise decisions regarding the risk that materialized.  Whether they simply didn't consider or appreciate the risk, considered it too remote to address, or failed to treat the risk adequately, is now a moot point: whatever they did do was patently not good enough, and it looks like the business has failed.  Controls that are meant to prevent hacks fail quite often in practice, so it would have been sensible to make suitable disaster recovery and business continuity arrangements on that basis.  We know that now, and so do they and their customers - too late for this incident but hopefully not too late for the rest of us to learn the hard lessons.

Gary (Gary@isect.com)
