A huge ransomware attack on the Library system of North America’s 4th largest city 😓. It happened a few weeks ago but was devastating. It would be interesting to know what backups they had and how they were setup.
Toronto Public Library service offline until 2024 :(
+22VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS, PCA,TARS
+7Hope they had a good backup/dr plan
Tyler Jurgens | Senior Technical Product Marketing Manager | Former Veeam Legend x3 | vExpert ** | VMSP/VMTSP | VCP-2020 | VSP/VTSP | Tanzu Vanguard | VMUG Calgary Leader | VUG Canada Leader | https://explosive.cloud | @Tyler_Jurgens | BlueSky: @tylerjurgens.bsky.social
+22TylerJurgens wrote:
Hope they had a good backup/dr plan
Judging by how long it will take to get services backup.. I don’t know. I don’t think there is any instant recovery here that is for certain. Unless they are concerned that the attackers got access before the backup retention and just sat tight watching.
VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS, PCA,TARS
+7The British Library was also targeted back in Oct
https://www.theregister.com/2023/11/20/rhysida_claims_british_library_ransomware/
Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2025 | Cyber Security Space VUG Leader
+21Wow that definitely is not good. Maybe someone needs to contact them about Veeam. 😁
Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | vExpert 6* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
+22Chris.Childerhose wrote:
Wow that definitely is not good. Maybe someone needs to contact them about Veeam. 😁
Yeah I mean where are those sales reps when you really need them 🤣
VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS, PCA,TARS
+7Interesting hacker. Why attack the library not a business company??? I don’t think they will get money from the library. The library won’t care when will re-open. 😀
Veeam Vanguard | VMCE 2024 | Microsoft MVP | Cisco Insider Champion | CISCO CCIE #4531 | Web Site - carysun.com | Blog Site - gooddealmart.com | Blog Site - checkyourlogs.net | X: @SifuSun | LinkedIn: https://www.linkedin.com/in/sifusun/ | Amazon Author: https://Amazon.com/author/carysun
+14Max M. | Systems Engineer @Veeam | VMCE/VMCA | VeeaMVP 2023 | former Legend & Vanguard
+7CarySun wrote:
Interesting hacker. Why attack the library not a business company??? I don’t think they will get money from the library. The library won’t care when will re-open. 😀
For some groups, they are ransoming the data rather than the actual infrastructure itself. Others are two-pronged. Exfiltrate the data, ransom the infrastructure and then hold the data they got to ransom and threaten to release unless the organisation pays.
Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2025 | Cyber Security Space VUG Leader
+22I believe it is as mentioned about for extortion purposes. I don’t think many script kiddies are doing this. Mainly organised crime and bad state actors. The goal is mainly to get paid, although there is the disruption affect (in the case of state actors). Hopefully yet another wake up call. Just my humble opinion but such a long outage means that the DR plan was not well setup. Most likely due to lack of funds or not properly channelling funds. Speculation of course.
VMCA2024, VMCE2023, VMCE2024-SP,CKA, LFCS, PCA,TARS
+7Geoff Burke wrote:
I believe it is as mentioned about for extortion purposes. I don’t think many script kiddies are doing this. Mainly organised crime and bad state actors. The goal is mainly to get paid, although there is the disruption affect (in the case of state actors). Hopefully yet another wake up call. Just my humble opinion but such a long outage means that the DR plan was not well setup. Most likely due to lack of funds or not properly channelling funds. Speculation of course.
I’d agree. Funding will definitely be a factor as well
Dipen N. K. | IT Security Specialist | Veeam Legend 2022 - 2025 | Cyber Security Space VUG Leader
Comment
Rich Text Editor, editor1
Editor toolbars
Press ALT 0 for help
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.