Ransomware Attackers Eye IaaS Providers, Here’s How You Can Stay Safe


We live in a digital age where every second, terabytes of data are transferred over networks and stored for business operations. Data is the new digital currency on which companies are building huge empires. However, the most profitable asset of a company — data — is also its most vulnerable part, especially when it comes to malicious acts such as ransomware attacks. In the age where Cloud security is one of the major concerns, Infrastructure-as-a-Service (IaaS) is no stranger to cyberattacks.

Recently, IaaS deployments have faced a number of ransomware attacks, where the culprits made hefty demands. IaaS is one of the most prominent cloud computing models. IaaS providers basically own huge data centers and offer that hardware to host various services.

According to expert analysts like Brian Krebs, there are three factors that make cloud deployments vulnerable.

  • First, cloud is a new market opportunity for hackers. The number of ransomware attacks has increased in the last year.  
  • Second, as time progresses, more and more critical data and services are stored or processed in cloud environments, serving as lucrative targets for hackers.
  • Third, cloud acts as an aggregation point that allows hackers to target a large number of victims.

Recent ransomware attacks on IaaS providers

Equinix discloses ransomware incident (September 2020)

Equinix is one of the world’s largest providers of on-demand colocation data centers. The company has taken a proactive approach in providing regular updates about the incident on their blog. Equinix also released an official statement regarding the breach via a blog post,

“Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems. Our teams took immediate and decisive action to address the incident, notified law enforcement and are continuing to investigate. Our data centers and our service offerings, including managed services, remain fully operational, and the incident has not affected our ability to support our customers. Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix. The security of the data in our systems is always a top priority and we intend to take all necessary actions, as appropriate, based on the results of our investigation.”

Alibaba Cloud had recently announced a partnership with Equinix to reach 17 new markets. Read the full story here: https://www.cloudmanagementinsider.com/alibaba-cloud-extends-reach-to-17-markets-through-equinix-partnership/

Ransomware attackers demand hefty amount from Cognizant (April, 2020)

A ransomware incident can be critical for businesses, and Cognizant’s case proves the same. Karen McLoughlin, the CFO of Cognizant, talked about the same during an earnings call in May, “While we anticipate that the revenue impact related to this issue will be largely resolved by the middle of the quarter, we do anticipate the revenue and corresponding margin impact to be in the range of $50 million to $70 million for the quarter.”

The company later confirmed that the attack affected just the internal network, leaving no impact on customer systems.

Ransomware attack hits CyrusOne (December, 2019)

CyrusOne is a well-established data center provider in the US and ZDNet reported about the company’s data centers being breached. Later, CyrusOne confirmed the same. A spokesperson for CyrusOne told ZDNet, “six of our managed service customers, located primarily in our New York data center, have experienced availability issues due to a ransomware program encrypting certain devices in their network. Our data center colocation services, including IX and IP Network Services, are not involved in this incident. Our investigation is on-going and we are working closely with third-party experts to address this matter.”

Need of the hour – implement basic security protocols

The general perception regarding cloud security is that cloud providers must fulfill all security responsibilities. However, customers overlooking responsibilities on their end also accounts for a fair number of breaches. Most IaaS providers constantly improve their security posture, but it still does not make them completely immune to vulnerabilities.

Industry experts recommend implementing basic cloud security practices first. This includes preventing any misconfigurations that can possibly create weak spots i.e., a perfect opportunity for attackers to host ransomware. Human error is another common factor when it comes to attackers exploiting deployments. There are no two opinions about the fact that cloud security is continuously improving, even as you read this article. However, implementing basic security protocols can significantly improve the overall security of your cloud deployment.    

Source link


Please enter your comment!
Please enter your name here