If an attacker gains control of the hypervisor, full access to the VMs is under threat. The following plans and ideas can help address this situation. This document records the ideas discussed among the SMEs.
Limit admin access.
Pen test the accounts to evaluate their security. Example: a brute-force test on passwords.
Keep backups of the hypervisor and nodes for fallback/re-deployment.
Perform audits periodically.
Keep up-to-date backups that can be written over the compromised systems.
A kill switch to stop the process.
To find a solution, or to learn the details of the risk that has occurred, contact the responder team first.
Point of Contact: Rily and/or Robert
Point of Contact: Kyle and Haxhi
The government may restrict or ban crypto in the country or in a particular province. If that happens, the following plans help in overcoming the problem. A responder team is also listed, who can clarify the status of the situation and the possible solutions.
Always have a proactive design to avoid regulatory compliance issues.
A separate role to monitor regulatory trends.
Have a duplicate setup in another country.
Lobby the government for a crypto-friendly policy.
Stay away from promoting ideas that could cause regulatory issues.
Have legal counsel.
Anonymous users as witnesses
Create server space in other countries with jurisdictional ability, to offload several services.
To find a solution, or to learn the details of the risk that has occurred, contact the responder team first.
Point of contact: Jonathan / Leadership Team
Point of contact: Team B
Power is the key factor in running any server. There are situations where the power and its backup fail to switch over, which prevents the servers from coming up. The cause can be any disaster, natural calamity, accident, etc. The SMEs proposed the following ideas and plans to overcome this situation. They help the reader understand the possibilities and identify the person who can help return the situation to normal.
Provide a backup for the backups.
Plan for Tier-3 availability.
Generators for critical operations, with an auto-on feature on power failure.
Key actors need to have clear communication among themselves
The mirrored servers can be off-premises.
Maintenance Team with 24/7 availability
Re-deploy the services, such as AWS, Linode, etc., whenever needed.
Pre-written redeploy plans for critical services
Start the Generator
To find a solution, or to learn the details of the risk that has occurred, contact the responder team first.
Point of Contact: Jonathan / Maintenance Team
Point of Contact: Kyle and Riley respectively
Distributed Denial-of-Service (DDOS)
A DDOS attack denies users the ability to connect to online services, sites, and applications. It is a cyber attack and it is unpredictable. If a user comes across such circumstances, the ideas and response plan below can be helpful.
The following ideas are listed based on the inputs from the SMEs.
Having Load balancers in place.
A method to detect DDOS attacks as they originate.
Using services like Cloudflare to secure the internet connectivity.
Limit the number of connections (reasonable counts).
Direct communication with ISP NOCs.
Keep the backup servers off-premises.
Find good counter-measure software to stop/fight against the attack.
If an attack has happened, the servers can be flipped to backups.
Communicate with the marketing team depending on the services attacked.
To find a solution, or to learn the details of the risk that has occurred, contact the responder team first.
Devops Team Point of contact: Haxhi
Development Team
The entire Peerplays network works in a Bunker. There are several things that might bring down the network. This document covers the possible risks along with the plan to solve any such occurrences. Though there are several possible risks, only 4 were selected, based on the choice of the audience (the SMEs).
The risks discussed are:
DDOS
Hypervisor Compromised
Power and backup Failure
Crypto Restriction