Exfiltration of Data From a Website

Exfiltration of Data From a Website

Profile picture for user LukasVileikis
Lukas Vileikis
01 July 2021

Exfiltration of data is never a good thing. Whether the data is exfiltrated from servers, data centers or websites, the premise remains the same - it’s a security issue that takes a lot of time and effort to recover from. Data exfiltration, in general, is the act of unauthorized moving of information from inside a company to outside of it.

Once you suspect that your business may have been a victim of a data exfiltration attack, you should:

  • Make sure you have proper backups.
  • Make sure that your backups can be promptly and easily recovered.
  • Run employee awareness tests across your whole organization and make sure the results are satisfying (i.e make sure that a certain percentage of your organization can answer certain awareness-related questions etc.)
  • Notify all related people - who has the attacker sent emails to? Who responded? When? Why? How? etc.
  •  Take action to prevent such issues from happening in the future - make sure your infrastructure is protected by anti-spam filters, firewalls etc. and you have security audits going on at least once a year.

Making sure that you have backups and that they can be recovered can also be helpful in this scenario - if your sensitive business data has been compromised or exfiltrated, you might want to recover your data backups locally and observe any inconsistencies in the data that has been recovered before moving on to security measures.

Backups of Your Database Instances with Backup Ninja

Backup Ninja can be your reliable backup partner if you want to back up your MySQL, PostgreSQL, MariaDB, MongoDB, Percona or even TimescaleDB database instances.

Log in to Backup Ninja and one of the first things you will see is the amount of servers you have and also their status - you will be able to see whether they are running, inactive or return some sort of an error:

Servers

You will also be able to see the status of your backups during a specific time period (time periods can be chosen from 24 hours, 7 days or a month) - you will be able to see the success ratio as well:

Backup Ratio

Click on Backups to see the status of all of your backups (pagination is also enabled, so you don’t have to scroll down as much):

Backup Status

Here you will be able to see whether your backups are compressed or encrypted, whether they are uploaded to the cloud or not, what’s their name, their status, when they were taken, on what server, what’s their name, you will also be able to restore them if you so desire. Click on the name of the backup schedule to see the backup method, its status and what it’s scheduled for. You can also show all of the backups relevant to a certain schedule and select certain backups by checking the checkboxes to the left.

You can also view certain schedules - in that case, you will be able to see the method, last execution of your backups, their schedules, their servers, storage options and also expand your options if you want to duplicate or edit the schedule, run a backup now, edit or delete it:

Backup Schedules

 

Click View and you will be able to see all of the information relevant to the backup in question including the backup type and method, last execution date, its compression or encryption options, its name and also the storage locations with relevant information about its retention:

Information about Backup

Email Notifications with Backup Ninja

If your data is found to be exfiltrated, setting up email notifications for the future can also be very helpful:

Email Notifications

Backup Ninja can help you receive notifications when your backups are created, removed, completed or when they fail, you can receive notifications when an Agent is installed, deleted or it reports an error, when it’s started or stopped, you can also receive notifications when a schedule is created, removed or paused or when it resumes operations - as you can see, there’s a whole host of different options available for you to modify.

Data Exfiltration and Activity Log

If your data is found to be exfiltrated, having and observing an activity log can also be very helpful for the future - Backup Ninja’s user activity log can help you observe when users log in, when they log out and what they do when logged in - these kinds of options can be useful if you want to observe user activity to make sure data exfiltration doesn’t happen again:

Activity Log

Summary

Exfiltration of certain data from a website is never a good thing and it can lead to a number of different issues including identity theft and related things, but if you properly educate your employees, observe relevant activity and back up your data, it should not be an issue. If you are searching for a service to help you with your database backup goals - no matter what the flavor of your database instance is - be sure to give Backup Ninja a try today.

 

Tags