[LINK] Fwd: Hacking of medical records

Jim Birch planetjim at gmail.com
Thu Dec 13 09:30:46 AEDT 2012


Any serious backup solution should cover scenarios for total destruction of
the premises and (internal or invasive) malicious attack.  There are
trade-offs between cost and data recency which vary but total loss
shouldn't be an option for a valuable data set.  Yet another pure and
simple FAIL.

One thing I notice is that people don't seem to get how much expertise
their potential attackers have; in this case, how easy it is for the
attackers to quickly figure their backup strategy.  It's kind of funny/sad:
home users typically think they don't really understand their computers but
small systems managers often seem smitten with their own expertise.  It's
logical to presume that an attacker who has busted your defences might know
more about your systems than you do, even if it required significant mental
effort on your part to set them up.  :)

Jim



More information about the Link mailing list