Reaching for the cloud: Can ransomware infect cloud storage?
Over the last few years, ransomware has emerged as one of the biggest cybersecurity threats to enterprises. A business falls victim to a ransomware attack every 11 seconds, according to Cybersecurity Ventures.
A dangerous form of malware, ransomware encrypts a business’ mission-critical files and applications and holds the business hostage till a ransom is paid to regain access. The average cost of a ransomware attack on a business is a staggering US$133,000. It has far-reaching consequences, and companies need to do everything in their power to safeguard their systems from such an attack.
What is further worrying is that ransomware attacks are becoming more sophisticated. Cybercriminals have now started using the Double Extortion approach, which involves not just encrypting the data to demand ransomware but also threatening to upload sensitive information if their demands are not met. Growing adoption of remote working because of the ongoing COVID-19 pandemic has also made it easier for cybercriminals to break into systems.
Increasingly, businesses, big and small, are partnering with cloud service providers that usually have robust security protocols in place. Even so, this does not mean that their data in the cloud is immune to ransomware attacks.
Several companies have multi-cloud deployments now, which makes it tougher to manage security. Increasing complexity in an organization’s cloud infrastructure also makes it more difficult to restore data in case of a ransomware attack.
Can it happen to you?
In the last few years, there has been a massive increase in the number of ransomware attacks. Package delivery major FedEx reported a whopping US$300 million in lost earnings in the first quarter of 2017 from the NotPetya ransomware attack. Cybercriminals took over users’ computers, encrypted their files, online databases, and crippled shipments. Cybersecurity specialists found that even if the company paid, the data infected by NotPetya, in all probability, may be deleted.
More recently, in August this year, Japanese camera maker Canon was the victim of a Maze ransomware attack. Maze is a type of ransomware that steals and threatens to sell the data. Cybercriminals managed to hijack around 10 TB of data affecting the users of the 10GB free storage service offered by Canon.
The reality is that businesses of all sizes, across different business verticals, are vulnerable to ransomware attacks.
It is imperative you cover all bases to protect your business. Here are a few key steps you can take to safeguard your business infrastructure:
Keep multiple backups: The best way to thwart ransomware is to have multiple backups of data. So even if one backup gets into the wrong hands, you still have other copies to fall back on, ensuring you are not held hostage and don’t have to shell out a ransom. It is recommended to have a minimum of two local and two cloud backups.
More than half of the firms that experienced a ransomware attack were able to restore the data from backups, leading to a speedy recovery, according to the recent Sophos report.
Educate employees: Ransomware is often deployed via phishing or social engineering tactics. Human errors or vulnerabilities can cost a business millions of dollars. Hence, it is crucial to educate your workforce on the dos and don’ts of online behavior to protect company data.
Secure data at endpoints: If a ransomware attack manages to get through your security armor, your data at endpoints will be the first thing to get impacted. If these are hijacked, the chances of the changes being synced to cloud storage are very high. A leading-edge security solution such as BluVault secures your endpoints, as well as archives. Additionally, it can also help you adhere to data protection and data privacy compliance requirements.
Encrypt data in transit and at rest: Data is not just vulnerable when resting in the cloud but also while in transit. Encrypting the data can ensure it cannot be used by criminal minds even if they steal it. An encryption solution such as BluKrypt protects the sanctity of data while traveling and ensures it is stored safely in the cloud.
Prepare a disaster recovery plan: While the above steps can help you prevent a ransomware attack, you should be prepared if you do fall prey to one despite your best efforts. A robust and tested disaster recovery plan can mitigate ransomware risks and minimize downtime/disruption to your business. Parablu’s BluVault can ensure safe and reliable backup, as well as timely recovery, and play a key role in your disaster recovery strategy.
Ransomware can have grave financial repercussions and can be detrimental to your business growth. Following these steps and partnering with the right security partner will give you the best chance to prevent a ransomware attack.