All the best plans of mice and men go awry…“At this point we took action to take control back of our panel by changing passwords, however the intruder had prepared for this and had already created a number of backup logins to the panel and upon seeing us make the attempted recovery of the account he proceeded to randomly delete artifacts from the panel. We finally managed to get our panel access back but not before he had removed all EBS snapshots, S3 buckets, all AMI’s, some EBS instances and several machine instances.” One storage service made the mistake of trying to fight an intrusion rather than stopping the service immediately. The intruder then carried out his/her backup-plan to destroy the service by deletion. Now they have to turn out the lights anyway, but permanently.

Just like terrorists in the real world, the cyber-terrorist finds it easier to destroy rather than to create. Sometimes terrorism succeeds merely because it gets the desired effect because of the response of the good guys. What will you do when or before the $$$$ hits the fan?

See AWS console breach leads to demise of service with “proven” backup plan.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology and tagged , , . Bookmark the permalink.

Leave a Reply