Netgear ReadyNAS Accidentally Deletes User Backups On Local Devices
-
This one is epic. The Register reports on a Netgear ReadyCLOUD outage that resulted in customers not having systems back up to the cloud as expected. This, alone, is minor as cloud outages are expected and a backup going to cloud should be a secondary or tertiary storage location for data. However, because of "account" issues that were seen by the local Netgear ReadyNAS storage devices due to the outage, local ReadyNAS devices were instructed in code to locally delete all of the data stored on the physical ReadyNAS devices at the customer premises as well - so the live data and home directories of users were automatically deleted. And, of course, these had not been backed up.
Because the error happened on the server side, there was no mechanism to double check the deletion procedures, as should happen if a customer was intentionally removing the data on the client side. This is an extreme example of the dangers associated with account boundaries and how software and automated systems can and will react to account issues, whether real or mistaken as was the case here.
It has taken four weeks for Netgear to admit this incredible mistake to customers and some customers are complaining that they have not yet been contacted.
-
This is insanely huge. Let's break that down...
- Cloud System Fails (this happens, NBD)
- Backups are Not Taken Because of Above
- Systems See Outage as "Account Removed" <- Very Bad
- Systems See "Account Removed" as "Delete All Live Data from Local Account" <- Really, Really Bad
- Four Weeks Before Admitting the Disaster to Some Users <- Pretty Bad
- Some Users Still Not Identified or Contacted <- Pretty Bad as Well
These are the dangers of too much integration and too little control and transparency. Mistakes happen, yes. But excessive account tie-ins are incredibly dangerous. These are the kinds of account mistakes that are bi-directional and allow for things like one account mishap to take down unlimited redundancy in datacenters. Account protection is completely necessary for protection. Accounts are one of the most vulnerable points in storage systems.
Time for a SAM-DR? We need something simple, but enterprise ready and not subject to account risks of this nature.
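
The failure chain listed above (outage read as "account removed", then "account removed" read as "delete local data") can be cut on the device side. The following Python sketch is an added example, not part of the original post and not Netgear's code; the status names, the once-a-day poll and the 30-day grace period are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum

class CloudStatus(Enum):            # hypothetical signals seen by the NAS
    ACTIVE = "active"
    UNREACHABLE = "unreachable"     # timeout, DNS failure, 5xx
    ERROR = "error"                 # malformed or unauthenticated reply
    REMOVED = "removed"             # cloud claims the account is gone

class Action(Enum):
    SYNC = "sync"
    PAUSE_SYNC = "pause_sync"               # keep everything, retry later
    UNLINK_KEEP_DATA = "unlink_keep_data"   # drop the cloud link only
    DELETE_LOCAL = "delete_local"

GRACE_DAYS = 30  # assumed: minimum days of consistent REMOVED reports

@dataclass
class LocalState:
    removed_days: int = 0               # consecutive daily polls saying REMOVED
    admin_confirmed_wipe: bool = False  # set only from the local admin UI

def decide(status: CloudStatus, st: LocalState) -> Action:
    """Map one daily cloud account signal to a local action, failing safe."""
    if status is CloudStatus.ACTIVE:
        st.removed_days = 0             # a healthy reply cancels any countdown
        return Action.SYNC
    if status in (CloudStatus.UNREACHABLE, CloudStatus.ERROR):
        # An outage says nothing about the account, so it never escalates.
        return Action.PAUSE_SYNC
    # REMOVED: a server-side claim alone must never destroy local data.
    st.removed_days += 1
    if st.admin_confirmed_wipe and st.removed_days >= GRACE_DAYS:
        return Action.DELETE_LOCAL
    return Action.UNLINK_KEEP_DATA

def replay(signals, st=None):
    """Run a sequence of daily signals and return the actions taken."""
    st = st or LocalState()
    return [decide(s, st) for s in signals]

if __name__ == "__main__":
    # Constructed sample: an outage followed by a bogus "removed" report.
    days = [CloudStatus.ACTIVE, CloudStatus.UNREACHABLE, CloudStatus.REMOVED]
    print([a.value for a in replay(days)])
```

The destructive branch is reachable only when a locally set confirmation and a sustained, consistent server report both hold, so a server-side mistake on its own can at worst unlink the device.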
-
Overheard at Netgear water cooler:
Engineer 1: "I know, let's make the customer's backup device delete everything if it's confused about account status."
Engineer 2: "totes, great idea."
-
@scottalanmiller said in Netgear ReadyNAS Accidentally Deletes User Backups On Local Devices:
Time for a SAM-DR? We need something simple, but enterprise ready and not subject to account risks of this nature.
For Sure! That'd be an interesting topic.
-
Who needs cryptolocker when you've got these guys?!
-
@Rob said in Netgear ReadyNAS Accidentally Deletes User Backups On Local Devices:
Who needs cryptolocker when you've got these guys?!
At Netgear, we make doubly sure you won't get cryptolocker, no files, no problem!
-
lol - the ultimate in ransomware protection. watch they don't raise prices, that's a premium feature