14 DAY TRIAL // Hackers have managed to break into the network of an Australian web hosting provider called Distribute.IT and destroy data from four of its servers, including its backups.
The attack occurred last week and left a lot of customers unhappy with the company because it wasn't very forthcoming with information. This was probably because it was desperately trying out contingency plans. Unfortunately these failed.
The company issued a statement today announcing that it has suffered permanent data loss. "We regret to inform that the data, sites and emails that were hosted on Drought, Hurricane, Blizzard and Cyclone can be considered by all the experts to be unrecoverable," the company said.
"While every effort will be made to continue to gain access to the lost information from those hosting servers, it seems unlikely that any usable data will can be salvaged from these platforms.
"In assessing the situation, our greatest fears have been confirmed that not only was the production data erased during the attack, but also key backups, snapshots and other information that would allow us to reconstruct these servers from the remaining data," it explained.
Some of the 4,800 affected websites will probably be restored from backups kept by their owners, but many have probably been lost forever. The incident has raised questions as to why Distribute.IT didn't keep offline and offsite backups, however, it's also the responsibility of site owners to backup their data regularly.
People also wondered how was the attacker able to delete so much without anyone noticing. Since file systems can be rebuilt, the company's inability to recover the data suggests that a low-level operation was executed.
One likely possibility is that the hacker used a UNIX command known as dd, not to wipe data completely, but to write over it at random locations making its restoration impossible.
The attack was initially attributed to LulzSec, the group of hackers who attacked numerous companies and organizations in recent weeks, however, the Distribute.IT hacker also defaced the company's website and identified himself as Evil at Efnet.