[gpfsug-discuss] Ransom attacks

Jonathan Buzzard jonathan.buzzard at strath.ac.uk
Thu May 27 16:49:02 BST 2021


On 27/05/2021 16:23, Skylar Thompson wrote:

[SNIP]

> at the end of the day, nothing beats the air-gap of tape backups, IMHO. 

Changing/deleting lots of data on tape takes time. So tape is a really 
good starting point even if you never take the tapes out the library 
except to dispose of them. Your backup is your get out of jail card. 
Protect it like it's Fort Knox.

A bit of security through obscurity by using Power and AIX will not go 
amiss. Even if it only buys you a couple of hours that can be enough to 
save the backup from harm.

Passwords on the Spectrum Protect server should be good *never* be used 
anywhere else, and only a handful of trusted people should have access 
to them.

Make sure you have a reuse delay on those tapes so even if the bastards 
do a del filespace (if they even know how to use TSM) you can roll back 
the database.

I also have the notion that you should be able to cut the power to the 
Spectrum Protect server and tape libraries such that it requires an on 
site visit to manually power them backup by flicking a nice big molly 
switch. I have a notion in my mind of tripping a residual-current 
device/ground fault circuit interrupter by using a relay to create a 
neutral earth fault. First sign of trouble disconnect the backup system :-)


JAB.

-- 
Jonathan A. Buzzard                         Tel: +44141-5483420
HPC System Administrator, ARCHIE-WeSt.
University of Strathclyde, John Anderson Building, Glasgow. G4 0NG



More information about the gpfsug-discuss mailing list