There is no circle of hell
deep enough or hot enough for these scum. Otherwise, words fail me.
As the world tackles the COVID-19 coronavirus pandemic, ransomware creeps have knocked offline a public health agency's website that served nearly a quarter of a million people in the US. The Champaign Urbana Public Health District (CHUPD) in Illinois, covering 210,000 folks, including the state's biggest university, said …
I don't know for sure, but I'd guess that the storage array that was needed for the site and its databases probably got hit. The typical targeted attack will look to find those before going off so as to cause the most damage. They also probably tried to find and knock out any hot backups at the same time.
Fighting the same shit now, started Saturday. I wish we spent a little more on our NetApp to keep more snapshots. Over-priced storage just pulled our fat out of the fryer, making it worth about 20 times what we paid for it. <1 hr to pull ~80TB back to the day before. Doesn't clean up the mess, but it sure made it easier for us to do it. If anyone finds these fucks, I'll be first on the list to pull the gallows handle. We will be increasing our snapshot space. Grrrr.
Could have been the former, could have been the latter, probably wasn't either. My guess is that they got in with a spear phishing attack. Targeted infections usually start that way. As long as the person who executed the payload had sufficient access, e.g. a person in the IT group, their internal security probably couldn't catch it in time. You could of course argue that there's lots of negligence in that scenario as well, but it would be the fault of different people, so they'll have to figure out what happened before they know who to blame.
Question:
If they decided to get the site back up as quickly as possible, and just used static HTML. Assuming that bandwidth was not a problem, how much hardware would you actually need to serve 200,000 users?
Basically, could you run this off a repurposed desktop, plugged into a fat pipe?
"If they decided to get the site back up as quickly as possible, and just used static HTML. Assuming that bandwidth was not a problem, how much hardware would you actually need to serve 200,000 users?"
The answer depends on the following details:
1. How many files are you serving?
2. What is the average size of each file? Be sure to factor in images, local scripts, CSS files, and anything else a user would download.
3. How often does an average user interact with the site at the time of day/week where your site is most trafficked?
4. When they do, how many pages do they access before they end a session on average?
5. How much data can you cache in memory rather than having to read it from disk?
6. How fast is your disk? How fast is your memory?
7. Does your CPU have hardware acceleration for encryption (I'm assuming this site is HTTPS only as it should probably be)?
8. How tasked can your CPU get before it starts to overheat, underclock, etc.?
9. What server software are you using? What is its limiting factor (usually either processing or memory)?
10. How afraid are you that you will get a flood of visitors that goes above your previous estimation of peak demand?
And these are only relevant if you can easily create static pages, which if you're using a CMS you probably can't. Sure, it can be done, but it's not a quick process.
Websites are complicated.
When I say 'static html', I was thinking something more like this, with emergency contact numbers etc. Possibly an image or two, but no need for anything more than that. I'm thinking the sort of page you'd write by hand in a text editor.
So, a single 2kb file, times 200,000 users works out to about 400Mb total, so I think we'd probably end up being network-bound, before getting close to the limits of an average desktop. A GB connection would thereby limit you to about 2000 users per second.
I guess the question now becomes, do you really need a whole desktop, or would a Raspberry Pi handle it?
Websites are only as complicated as you make them.
Scripts? CSS? A whole CMS? You don't work in marketing, do you?