First, rsync.net is "cloud storage for offsite backup" - you can't run a git server[1] (or anything else) there. It's not a VPS or a web host. It's a remote unix (ZFS) filesystem that you can access over SSH.
The other point you are missing is that the ZFS snapshots I refer to are immutable as far as you are concerned. Of course we can remove them[2], and could do so at your (vetted, verified) request. Further, we don't have unlimited disk space so the snapshots rotate out (expire) over time. Every day the 7th one is removed to make room for the new "yesterday" snapshot, and so on.
The point is, an attacker can gain full access to your backups with all of the control you have ever had over them and they can't destroy/delete the snapshots. That would have helped the victim in this story immensely.
[1] You can, however, put git repos there and interact with them, using git, over ssh.
[2] Although it requires root and is an involved, manual process - which is good.
One concern I have is right here:
"your (vetted, verified) request."
What's that mean specifically? There's potential for attacks there. For instance, a request from several email addresses might come from computers the admin controls. Same with some 2FA's. One would have to be careful here. I got a voice idea that just passed through my head that could leverage their smart (or dumb) phones. Also maybe dedicated tokens, apps on their phone or home computer, or something that come from your company. I'm curious what you're already doing, though.
It means that the owner and founder of rsync.net stares at your request and decides how he feels about it. Then he weighs the financial security of his family and the reputation of the business firm that has become (over these last 16 years) his life's work ... and decides if one of the engineers should call you on the phone and vet your request just a little bit more ...
Aligned interests and "skin in the game" ... those are powerful things.
