X

Russian election meddling. North Korean hacking. Malicious malware pointed at nuclear programs. Cyber-warfare once seemed like science fiction, though it’s now becoming the modern battlefront. We’ve seen all the scary headlines, but how do we know what’s hype, what’s a genuine threat, and how to defend ourselves (and our clients) from the digital wars of the future? Let’s break it down.

Cyber War: Overhyped or Underhyped?

We’ve seen what can happen online. From attacks that exposed communication between Hillary Clinton’s campaigners to Russian cyber-meddling, all the way to a more recent leak of CIA cyber tools from WikiLeaks, some shady things are happening in the cyber world. While there are reasons to be concerned, all-out cyber warfare isn’t on our doorstep quite yet. As former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States, Richard A. Clarke, noted in an interview with Columbia University, “… A government engaged in destruction against another within cyberspace; it hasn’t really happened yet. The few instances of cyberattacks that have occurred (that we know about) have been executed with only limited objectives in mind.”

Clarke also mentions that cyberwar would likely only happen as part of a more significant military conflict. “Governments will only engage in ‘total’ cyberwar within the context of a war that they were already going to fight militarily otherwise,” he says. So really, we shouldn’t be concerned about cyberwar any more than we should about a conventional war.

If two countries engage in conflict, cyber warfare would be a significant component, and attacks on critical infrastructure could feasibly disable power, stop water supplies, and more. Hackers have already demonstrated through many smaller-scale attacks that critical infrastructures are vulnerable, and scarily enough, simple attacks using infected emails are surprisingly effective.

Whether from foreign governments or rogue hacker groups, there is certainly the risk of cyberwar in the future, but how do we defend against potential attacks and what can we do today that may prevent them from ever happening at all?

Preparing for the Cyberwars

As with any large-scale conflict, there are things you can do, but there are larger political things that are out of your hands. However, you don’t have to stand idly by. Here are some things you can do to address the threat of cyberwar.

Take Security Into Your Own Hands

While we’re not sure how or when a large-scale attack might take place, it’s still wise to take measures to minimize the impact for you or your clients. As we know, disasters come in all shapes and sizes. You can think of cyberwar as a man-made disaster and plan accordingly by having iron-clad security, heavy-duty encryption, and both onsite and offsite backups. Beyond that, including contingencies for warfare as part of your detailed disaster recovery plan. Your business probably won’t be attacked directly, but if power, water, and the Internet are disabled, what actions must you take?

Speak with Your Representatives

Let your leaders know you’re concerned about cyberwar. Make it clear you feel strongly about that threat and urge them to support legislation that helps us defend ourselves against potential attacks. The more people voice their concerns, the more likely they’ll be to act. You can find contact information for your local and federal elected officials here.

Support Cyber Defense Causes

When elections come around, consider making a difference by supporting leaders with a strong stance on cyber defense. Similarly, pay attention to new legislation that might beef up cybersecurity, and support programs that will keep our digital lives safe. Also, sites like Change.org let you sign petitions for various cyber causes you might care about. Whatever the case, acting now and doing your part can help us all better defend against future cyber threats.

Don’t Forget to Relax

When scary headlines are featured so prominently, fear can be consuming, but there’s a lighter side to this. According to a site called Cyber Squirrel 1, “Of all the claimed nation-state (i.e. human) cyber-attacks that have impacted critical infrastructure (Brazil Blackouts, Turkey pipeline explosion, German Steel Plant event, etc.), only two (the Ukrainian power outages and the US lead Stuxnet operation) can be confirmed as ‘cyber’ at this time.” Squirrels, birds, snakes, and other animals have been far more successful at bringing down power grids than people. So, who’s the real enemy here?

With a great DR plan, and some good old-fashioned political participation, you’ll be as ready as you can be for the digital wars of the future, but with some luck, we can avoid them altogether.

View Comments

  • VMware Player is not a Type 1 hypervisor, and therefore does not have better performance than Virtualbox "because it runs directly on the hardware."""

  • Yes, a span size of two means that each span is as small as possible. So a span size of two in RAID 100 means that you are actually getting RAID 10 without anything extra (it is the middle RAID 0 that is eliminated.) So the advice is good, basically you always want a span size of two if the option exists. Some controllers cannot handle a RAID 10 large enough to accommodate all attached drives and so larger spans are required. Typically this does not happen until you have at least ~18 drives or so.

  • The one question I have coming out of this results from the conversation that I believe possibly prompted this blog post, namely that in this thread on SpiceWorks:

    http://community.spiceworks.com/topic/548896-raid-10-2-spans-a-cautionary-tale-it-can-happen-to-you

    The recommendation/default for at least one DELL controller model was a span-size of 2, with comments referring to this being referred to as the optimal configuration for larger arrays. Is there any evidence to support this being the optimal configuration? Your blog post, and my (albeit limited) understanding of RAID would suggest that this advice is flawed. Then again, maybe I am misunderstanding something at a fundamental level?

    Furthermore, would there be any benefit to adding in multiple RAID-0 layers above the RAID-100 so that the member size of all arrays involved is kept as small as possible?

  • I like the article, to be honest I've seen many posts on newspapers, magazines and even blogs that praises the open-source as it without being put on glory or hell, just neutral

    I'll like to add some other software like Thunderbird (for email), Git (for developers) and maybe replace Notepad++ with Geany/Gedit/Kate (or the text editor of your preference, yours being the Notepad); otherwise I like your choices and those are apps that I use a lot, even if in my workplace they don't want to replace it

    • Hey Dom, depending on where you're located there are a number of ways you can dispose of VHS tapes. Most thrift shops will take them off your hands, assuming they're actual movies and not simply blank tapes. Another option is to use Greendisk (greendisk.com), which allows you to mail in your old VHS tapes for recycling. Beyond that, there may be some options specific to your location (there are waste recycling facilities that can handle this type of trash all over), a quick Google search might reveal some of them.

  • Hi there, I think your web site may be having internet browser compatibility problems.
    Whenever I look at your web site in Safari, it looks fine
    however when opening in I.E., it has some overlapping issues.
    I simply wanted to provide you with a quick heads up!
    Besides that, wonderful site!

    • Thanks for letting us know, we really appreciate it. Do you happen to know which version of IE you're using? I know that sometimes the older versions don't cooperate. I can't seem to reproduce the results you're seeing, but we're looking into it. Thanks again for bringing this to our attention.

  • I think you are missing the point entirely here. I have a home with 5 PCs all running same Windows OS version and same versions of Office. MOST of the file data on the machines are copies of same files on other machines: the Windows OS files and Office binaries. I want to backup full system snapshot images (not just photos and music) daily to a NAS on my LAN, or even a headless Windows machine acting as a NAS (like the old Windows Home Server product). I want the bandwidth savings of laptops backing up over wifi to notice that those windows files are already stored and not transmit them over wifi. I also want the total NAS storage of all combined backups reduced so that I can copy the NAS storage to either external drive for offsite storage, or more interesting up to the cloud for redundancy. ISP bandwidth caps, limited upstream bandwidth, and cloud storage annual cost per GB mean that deduplicated backup storage is essential. The cost of additional local storage is NOT the only consideration.

    I don't care about Windows Server's integrated deduplication. The deduplication has to be part of the backup system itself, especially if you are doing cluster or sector level deduplication, to avoid sending the duplicate data over the wire to the data storage in the first place.

    I've been looking at different backup solutions to replace Windows Home Server (a decade-old product that offered deduplication), and your product looked very interesting, but unfortunately the lack of built-in deduplication rules it out for me. I can only imagine how this affects 100-desktop customers when I wont't even consider it for 5-desktop home use.

    • Thank you for your comments. We appreciate all points of view on this topic.

      I agree that ISP bandwidth caps, limited upstream bandwidth, and cloud storage cost per GB show how critical it is to minimize data transmissions offsite. I also believe that much like modems and BETA video tapes, the bandwidth of today is giving way to higher access everywhere. For example, Google Fiber is now available to some of my peers at the office. Cellular LTE and satellite technologies are also increasing bandwidth for small business and home offices. At the same time, our data consumption and data creation is increasing at a rate that may outpace this increased supply of bandwidth. Either way, there are ways to work around data transmission limits.

      One way we help with data transmission over slower networks is we incorporate WAN acceleration and bandwidth scheduling technologies into our offsite replication tools. These allow you to not only get the most efficient use of available bandwidth but to also schedule your data replication during off-peak hours. Another way we help with data transmission is through compression. Deduplication is after all simply another form of data compression which reduces the near side (source) data before it is transmitted over the wire (target).

      In your case, you could use our product to store images on a local volume which has deduplication. You could then replicate data over the wire to offsite storage using ImageManager or some other tool. Many of our customers do this very thing.

      Keep in mind that the deduplication process has to occur at some point: either at the source or at the target. If you wanted to deduplicate your 5 PCs you would be best served with a BDR solution that can read each of those PCs, see the duplicate files on each, and avoid copying those files to storage. In this example, deduplication would occur on your BDR but you're still reading data from each PC over the wire to your BDR. In addition, your BDR would control the index for data stored on a separate volume or perhaps has the storage volume incorporated in the BDR. This creates a single point of failure because if your BDR crashes then the backup images for your 5 PCs wouldn't be recoverable and current backup processes cease.

      At StorageCraft we focus on the recovery. Our philosophy means that we take the smallest fastest backup images we can and then we give you ways to automatically test those images for reliability, compress them into daily/weekly/monthly files according to your retention policy, and replicate those images locally and offsite. This gives you a solid foundation from which to recover those images quickly to almost any new environment. I have yet to see a faster more reliable solution among our competitors.

      Cheers,
      Steven

  • Regarding Shadowprotect desktop:
    I am looking for the following capabilities
    1. Windows 8.1 compatability
    Everything I've examined says Win 8 but nothing about Win 8.1
    2. I want to be able to do the following on an ACER S-3:
    320gb hd with Win 8.1
    create an image of the 320gb drive.
    Install a 120gb drive in the ACER.
    Install the image to the 120gb drive.
    I am assuming that I can boot from the Shadowprotect
    CD, use an external usb connected dock with the 320gb
    image, and successfully install the image from the
    external dock to restore to the 120gb drive installed in the ACER.
    3. Does Shadowprotect take care of setting up the needed
    partition and format for the target drive (120gb in this case)

    I've looked at several of the alternatives to your product
    posing the same questions above and get vague or downright
    misleading answers to my items 1, 2 AND 3 above.

    If I purchase your product will I be able to do what I
    want as stated in items 1,2 and 3 above?

    I have done exactly what I described in items 1,2 and 3
    above for WIN 7 using a product called EZGIG II and am
    pleased with the results. I am looking for the same
    capability for Win 8.1.

    Please avise,
    Joe O'Loughlin

  • Hello,

    I'm just wondering if any of you have actually tested this scenario in the end and come to any conclusion since this article was published.

    Thank you!

  • 1 2 3 10

Search by Tag

2014 press release award backup BDR Big Data business business continuity case study cloud cloud backup cloud computing curation cyber security data center data management data protection data recovery disaster planning disaster recovery Hard disk drive Hardware healthcare industry news IT industry linux marketing Microsoft Mobile MSP MSPs news partners ransomware ShadowProtect software StorageCraft StorageCraft Cloud Services storagecraft news tech tips VAR verticals video virtualization webinar Windows