While it sucks for the people involved, these posts just got me to go verify that all my sites have backups set up, and that the backups cannot be deleted via FTP.
The best way to protect against that is not to have your production boxes copy backups elsewhere, but rather to have other boxes, if possible ones that are unreachable from the outside, fetch the backup. The most secure backup machine exposes no services and only fetches backups. No one will detect the box and no one will detect where the backups are stored, unless they wait around on your box for the backups to be fetched. Even then, what are they going to do? A box that only allows outbound connections is very hard to hack.
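
One way to check the "exposes no services" property on a pull-only backup box, as an added example that is not part of the comments above: it parses the output of `ss -H -tuln` on Linux and lists every socket bound to a non-loopback address. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -H -tuln` output from a hypothetical backup host.
# Columns: Netid State Recv-Q Send-Q Local-Address:Port Peer-Address:Port
SAMPLE_SS = """\
udp   UNCONN 0      0      127.0.0.53%lo:53         0.0.0.0:*
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      4096       127.0.0.1:631        0.0.0.0:*
tcp   LISTEN 0      128             [::]:22            [::]:*
tcp   LISTEN 0      4096           [::1]:631           [::]:*
tcp   LISTEN 0      511                *:8080             *:*
"""

def split_local(field):
    """Split the Local Address:Port column into (address, port)."""
    addr, _, port = field.rpartition(":")
    # Drop the %iface scope first, then the IPv6 brackets.
    addr = addr.split("%", 1)[0].strip("[]")
    return addr, port

def is_loopback(addr):
    if addr == "*":                 # wildcard bind: every interface
        return False
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False                # unparseable address: fail closed, report it

def exposed_listeners(ss_output):
    """Return (proto, address, port) for each socket reachable from off-host."""
    found = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5:           # skip blank or truncated lines
            continue
        proto, local = cols[0], cols[4]
        addr, port = split_local(local)
        if not is_loopback(addr):
            found.append((proto, addr, port))
    return found

if __name__ == "__main__":
    # On a box that only fetches backups, this loop should print nothing.
    for proto, addr, port in exposed_listeners(SAMPLE_SS):
        print(f"exposed: {proto} {addr}:{port}")
```

An empty result only covers sockets the host itself is listening on; an inbound-deny firewall rule in front of the box is a separate check.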