Ransomware attacks are becoming an everyday occurrence, and operators are increasingly targeting the cloud. In what’s known as cloud ransomware, or RansomCloud, adversaries are seeking ways to attack cloud applications and stored data, as well as cloud-based companies.
US-based cloud hosting service Cloudstar, for instance, was hit in July by a sophisticated ransomware assault that brought it to a standstill for days. Although such attacks are more prominent, cloud-based services have been targets for years, with South Korean web hosting company Nayana, for example, paying a $1 million ransom in 2017 after data on customer servers was encrypted.
As COVID-19-fuelled digital transformation ensues, meanwhile, most organisations have migrated at least some of their business to the cloud. This move comes with improved efficiency, but experts warn it can also increase the risk of being hit by RansomCloud attacks.
Cyber criminals can target the cloud with ransomware in multiple ways. One is by encrypting data organisations store on their own systems backed up to the cloud, explains David Emm, principal researcher at Kaspersky, while another is obtaining access directly to cloud-based data. “Adversaries are using social engineering to trick staff into disclosing the credentials needed to access cloud systems,” Emm tells IT Pro, adding if any system is protected using weak credentials, attackers can use brute force methods to gain access.
Hackers can also target the cloud by compromising a cloud provider itself. This is less common, but it does happen, with the infamous REvil gang, for instance, in 2019 compromising PerCSoft, a provider of backup and cloud storage facilities to US dental practices.
Cloud ransomware: How cyber gangs gain access to the cloud
As most organisations move to the cloud, ransomware operators have started to target cloud infrastructure, says Ian Farquhar, field CTO in the security architecture team at analyst firm Gigamon. This is being fuelled by the fact cloud infrastructure security is a challenge for many organisations. “Hiring infosec specialists is difficult; hiring infosec specialists with cloud experience is even harder.”
There are multiple…