This excerpt is from Chapter 9, Keeping the Alligators Out of the Sewer from The Backup Book: Disaster Recovery from Desktop to Data Center, written by Dorian J. Cougias and published
When I was a kid, I heard a lot of stories about New York City and Chicago sewer workers who would encounter the occasional alligator lurking in the city sewer system, evoking the question, "How did an alligator get into the sewer system of such a big city?"
I knew -- the Huber brothers, that's how. More than once, they'd return from a Florida vacation, pockets bulging with baby alligators. And as soon as Mrs. Huber wasn't looking, they'd toss the little monsters into the toilet or a local storm drain. When I asked them why in the world they were doing that, they replied coolly, "We wanna see how big they'll get and if they'll eat anybody."
The world is full of goofballs like the Brothers Huber. Somewhere, sometime, some goofball is going to hack your network "just because." They're going to hack it or send you a virus "just because" they want to see what happens or "just because" they intend you harm. And if you don't believe it can happen to you, scan these news briefs for a little enlightenment:
- MSNBC's Bob Sullivan reported on a company that got hacked, sustaining an 80% probability that all of the credit card data in its system had been compromised. More than 2,000 unsuspecting clients may face inflated bills this month -- because someone might have lifted their information.
- The San Mateo County Times announced that many Silicon Valley businesses would be under siege from a perilous virus and Trojan horse attack by -- believe it or not -- the Russian Mafia.
- Robert Lemos of ZDNet reported "Microsoft spreads virus -- by accident." Unbeknownst to Microsoft, the Korean language versions of Visual Studio .NET sent to their South Korean developers harbored an unwelcome guest -- the virulent Nimda worm.
- Robert Lemos (again) reported on a new type of attack: the JPEG worm, which is breaking new ground in virus attacks. This virus infects and attaches itself to images on the system as they're opened and viewed.
All this mayhem happened just last week -- and I found these stories without really looking. I'm sure a lot more stories are out there, but I just can't bear to read them. So the question becomes, how much of this do you have to worry about, how can you protect yourself -- and what does this have to do with backup? In short, how do you keep those pesky alligators out of the sewer?
Let's take the first one last: What does this have to do with backup? In a word, EVERYTHING. If you back up a file that's infected with a virus, you've now stored the virus, as well. When you restore the file, the virus gets restored, too. If someone hacks your company's Web site and defaces several pages, you'll be restoring those files -- that is, unless you caught it before you backed them up again.
Try this, just for fun: Run an attack and virus test on your computer systems, just to see what will happen. You can run these tests without harming anything on your system -- except for your false sense of security, which may never recover. But that's part of what this chapter is about: the process of testing for basic hacker vulnerabilities in your systems and then passing that information on to the security folks to so that you and they can implement some real security. Because at the end of the IT day, it's your job to restore lost data, no matter who lost it.
>> Read the rest of Chapter 9, Keeping the Alligators Out of the Sewer from The Backup Book: Disaster Recovery from Desktop to Data Center.
This was first published in July 2003