Commentary - Barracuda Networks embarassed by hacker attack

A prime example of patient bad guys waiting for the right opportunity. Disabling a piece to your security formula in order to perform maintenance or an upgrade is gambling. Ideally you would disconnect/block the point of entry during the window, e.g. turning off internet connectivity.

However too often people bow to pressure from above even when it is 3am. "Turn of the Internet? How long? That will take email down correct?" It just might take other 'important' systems down. A downside to centralization perhaps? Or if you had an "high availability" solution for that component, you can typically failover, upgrade the primary, failback and upgrade the secondary. However it is probably unlikely management sprang for the extra cost of HA.

Hosting companies that announce maintenance and service interruptions are also announcing times when they may be open to attack vectors typically unavailable. I know they are an inconvenience when they shut down entire clusters or segments for what would typically be minor work, but it's for their own protection.

At least now you can "bookmark" this as an example when management does not understand the risks. Typical with a lot of technology, it works 99% of the time without an issue but only takes one incident to make headlines.

Barracuda Networks embarassed by hacker attack - SQL injection nets names and email addresses

A hacker has broken into a Barracuda Networks database and obtained names and email addresses of some of the security company's employees, channel partners and sales leads.

[TechWorld Security]