[Novalug] VA Health records held ransom

William Sutton william at trilug.org
Wed May 6 12:35:30 EDT 2009 

There isn't enough data to say what was/wasn't deleted, although evidence 
appears to be that they had some offline backups.

However, to address your other question, people do that for a variety of 
reasons:
1. ignorance - they're not as technically savvy as most of us on this list 
and don't consider the implications of their actions (see also 
thedailywtf.com)
2. laziness - they have a server running, so why bother setting up an 
independent bacup system?
3. being cheap - they figure the additional cost just isn't worth it.

As an example of #3, I once worked for a large manufacturing company (may 
even be Fortune-500).  Each plant had an AIX server with external (IBM) 
disk storage arrays for the databases to handle production workflow and 
monitoring.  Each plant was responsible for purchasing additional disk 
arrays as they ran out of space.  Each system ran a Progress database.

The Progress databases had the database files, a pre-transaction snapshot 
set of database files (BI) and post-transaction snapshot set of database 
files (AI).  Certain of the plants, being too cheap to expand their 
storage, required us to create new database extents onto the seperate BI 
and AI disks.  You can imagine the possibilities for failure with such a 
scenario...

William Sutton

On Wed, 6 May 2009, Mackenzie Morgan wrote:

> OK, let me rephrase:
> Don't they have a backup on a different computer / hard drive / tape than the
> original?
>
> Honestly, who makes a backup onto the same computer as the original?  That's
> not a backup! That's just wasting space on your hard drive with absolutely no
> redundancy. OK yeah, they could have two hard drives on one machine, but if
> that's the case 1) if it's Windows, it likely won't boot on any other machine
> so they're not protected against a motherboard death 2) why was it mounted? 3)
> If there was a fire, both would be equally destroyed.
>
> On Miércoles 06 Mayo 2009 11:10:42 AM William Sutton wrote:
>> Because, if I read the SecurityFix article correctly, he said he made his
>> own encrypted backup and deleted theirs.
>>
>> William Sutton
>>
>> On Wed, 6 May 2009, Mackenzie Morgan wrote:
>>
>>> On Miércoles 06 Mayo 2009 7:45:26 AM Varol Okan wrote:
>>>> Come on guys, this is not funny. Who did this ? Just go and apologize
> dude.
>>>>
>>>> http://it.slashdot.org/article.pl?sid=09/05/05/1232240
>>>
>>> The bit that confuses me is:
>>> Why should they pay him to decrypt their data? Don't they have a backup?
>>>
>>> --
>>> Mackenzie Morgan
>>> http://ubuntulinuxtipstricks.blogspot.com
>>> apt-get moo
>>>
>
> --
> Mackenzie Morgan
> http://ubuntulinuxtipstricks.blogspot.com
> apt-get moo
>

More information about the Novalug mailing list