this post was submitted on 18 Feb 2025
204 points (100.0% liked)

Not The Onion

13639 readers
584 users here now

Welcome

We're not The Onion! Not affiliated with them in any way! Not operated by them in any way! All the news here is real!

The Rules

Posts must be:

  1. Links to news stories from...
  2. ...credible sources, with...
  3. ...their original headlines, that...
  4. ...would make people who see the headline think, “That has got to be a story from The Onion, America’s Finest News Source.”

Comments must abide by the server rules for Lemmy.world and generally abstain from trollish, bigoted, or otherwise disruptive behavior that makes this community less fun for everyone.

And that’s basically it!

founded 2 years ago
MODERATORS
kescusay@lemmy.world
204
US newspaper publisher uses linguistic gymnastics to avoid saying its outage was due to ransomware (www.theregister.com)
submitted 4 days ago by tonytins@pawb.social to c/nottheonion@lemmy.world
10 comments fedilink hide all child comments
top 10 comments
sorted by: hot top controversial new old
[–] Nougat@fedia.io 29 points 4 days ago (2 children)

Tell me you don't have a viable backup strategy without saying you don't have a viable backup strategy.

[–] LongLive@lemmy.world 5 points 4 days ago (1 children)

What does a viable backup strategy look like in the modern day? How difficult is it to build and maintain it?

[–] Nougat@fedia.io 10 points 4 days ago (1 children)

Depends on the needs of the business, of course, but --

There are lots of different ways to make data rollback robust, and as many methods as possible will offer different avenues to recovery. VM snapshots (with or without live mounting), shadow copies, incremental forever, cloud storage for backups, multiple appliances in different physical locations.

None of these are terribly "difficult." What tends to make these kinds of efforts less effective is a failure to regularly test them. Can I recover a VM snapshot? Can I live mount it somewhere? Sure, the product I'm using says I can, but have I proved it, and do I still remember how to do it quickly and correctly in the middle of a crisis?

[–] IHawkMike@lemmy.world 6 points 4 days ago (1 children)

Nothing you said is wrong, in fact it's all good advice. But none of what you listed implicitly provides protection against ransomware either.

For that you need backups that are immutable. That is, even you as the admin cannot alter, encrypt, or delete them because your threat model should assume full admin account compromise. There are several onprem solutions for it and most of the cloud providers offer immutable storage now too.

And at the very least, remove AD SSO from your backup software admin portals (and hypervisors); make your admins use a password safe.

[–] Nougat@fedia.io 4 points 4 days ago

You're right, I forgot about that. Our backups require three people's signoff to delete. Alter and encrypt I'm sure are the same, we've just never needed to do that as far as I'm aware.

[–] possiblylinux127@lemmy.zip 3 points 4 days ago

They don't exactly have a big budget or technical expertise

[–] possiblylinux127@lemmy.zip 6 points 4 days ago

Don't say the hard R

[–] HappyStarDiaz@real.lemmy.fan 5 points 4 days ago

I worked for Lee Enterprises pre bankruptcy and there was near zero viable anything then; can't imagine near twenty years later how bad it is now.

[–] Coolbeanschilly@lemmy.ca 5 points 4 days ago

What I'm more concerned about is who the people performing the attacks are, and why the press itself isn't attempting to expose them, and are instead sanitizing the attacks.

[–] fmstrat@lemmy.nowsci.com 2 points 4 days ago

https://lee.net/markets/

They operate a lot of local news.