Malicious encryption of shared network files in cloud service providers is top ransomware threat
- Published: Thursday, 15 August 2019 07:55
Vectra research for its ‘Spotlight Report on Ransomware’ shows that cybercriminals’ most effective weapon in a ransomware attack is the network itself, which enables the malicious encryption of shared files on network servers, especially files stored in infrastructure-as-a-service (IaaS) cloud providers.
Attackers today can easily evade network perimeter security and perform internal reconnaissance to locate and encrypt shared network files. By encrypting files that are accessed by many business applications across the network, attackers achieve an economy of scale faster and far more damaging than encrypting files on individual devices.
According to Vectra’s 2019 Spotlight Report on Ransomware, recent ransomware attacks cast a wider net to ensnare cloud, data center/centre and enterprise infrastructures. Cybercriminals target organizations that are most likely to pay larger ransoms to regain access to files encrypted by ransomware. The cost of downtime due to operational paralysis, the inability to recover backed-up data, and reputational damage are particularly catastrophic for organizations that store their data in the cloud.
“The fallout from ransomware attacks against cloud service providers is far more devastating when the business systems of every cloud-hosted customer are encrypted,” said Chris Morales, head of security analytics at Vectra. “Today’s targeted ransomware attacks are an efficient, premeditated criminal threat with a rapid close and no middleman.”