this post was submitted on 25 Sep 2024
22 points (82.4% liked)
Technology
59378 readers
3844 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I work for a newspaper. It was published without fail every single day since 1945 (when my country was still basically just rubble, deservedly).
So even when all our systems are encrypted by ransomware, the newspaper MUST BE ABLE TO BE PRINTED as a matter of principle.
We run all our systems virtualized, because everything else would be unmaintainable and it's a 24/7 operation.
But we also have a copy of the most essential systems running on bare metal, completely air-gapped from everything else, and the internet.
Even I as the admin can't access them remotely in any way. If I want to, I have to walk over to another building.
In case of a ransomware attack, the core team meets in a room with only internal wifi, and is given emergency laptops from storage with our software preinstalled. They produce the files for the paper, save them on a USB stick, and deliver that to the printing press.
Seems like your org has taken resilience and response planning seriously. I like it.
Another newspaper in our region was unprepared and got ransomwared. They're still not back to normal, over a year later.
After that, our IT basically got a blank check from executive to do whatever is necessary.
Funny how that seems to often be the case. They need to see the consequences, not just be warned. An 'I told you so' moment...
I'm just glad they got to see the consequences in another company.
Their senior IT admin had a heart attack a month after the ransomware attack.