Ukrainian Hackers Breach Russian ISP Nodex and Wipe All Data
The internet and telephony service provider Nodex, based in Saint Petersburg, Russia (Autonomous System AS29329), fell victim to a cyber-attack this Tuesday. The network provider, which utilizes VMware's virtualization solutions, Veeam for backups, and HP Enterprise's (HPE) virtual infrastructure, was targeted by Ukrainian hackers who also showcased screenshots of Nodex's compromised infrastructure, including the complete erasure of both existing and backup data.
Following the attack, the internet traffic monitoring organization NetBlocks reported disruptions across Nodex's fixed-line, mobile services, and other internet services, leaving customers unable to connect through Nodex.
(Source: NetBlocks)
In subsequent updates, Nodex revealed that they were in the process of restoring their systems, although their website remained down. Nodex announced that its network core had been successfully recovered, but engineers were still working to reset switches to get them back online.
As of the publication of this article, Nodex's internet service has resumed, indicating that the company likely had additional backup data enabling the rapid restoration of core services after the Veeam backups were wiped out within just one day.
This incident serves as a reminder of the critical importance of having multiple and off-site data backups, ensuring that services can be quickly restored even if the primary backups are destroyed.