Barriers to the Cloud: The Ugly Truth About Ransomware


Thought Leadership

Barriers to the Cloud: The Ugly Truth About Ransomware

Teresa Zwierzchowski

A report by LogicMonitor estimates that 83 percent of enterprise computing will be cloud-based by 2020.

Research by Cybersecurity Ventures estimates that by 2019, a business will be victimized by ransomware every 14 seconds.

Can anyone say, “collision course?”

Cloud computing offers organizations incredible benefits in terms of productivity, efficiency, labor, and cost. Ransomware shouldn’t be a barrier to cloud adoption, but companies and their IT departments must know the risks. Just because something is in the cloud doesn’t mean it’s immune to cyberattacks. Read on to learn the ugly truth about ransomware and how applications and files in the cloud can be vulnerable, as well as some best practices for protecting your business’s data.

Ransomware Evolves

History’s first documented ransomware attack, according to Becker’s Hospital Review, occurred in 1989 and was delivered via floppy disks. However, the threat didn’t pick up steam until this millennium—especially this decade—and its vehicle of choice became and remains email. Delivery via email is simple: Users open an attachment or click on a link, and the ransomware infects and begins encrypting files.

However, in the past few years, ransomware has become much more innovative and insidious. Email isn’t the only method of infection; nefarious websites users might stumble upon (outside of a spear phishing attack), inherent vulnerabilities in applications, and weak networks are also opportunities for ransomware to invade systems. Do-it-yourself ransomware kits can turn any average hacker into a malware-spreading jerk, and the bad guys are getting meaner, often threatening to expose sensitive information if ransoms aren’t paid.

Cloud Doesn’t Mean Secure

The risk of ransomware isn’t exactly big news, but a false sense of security exists that if your applications and files are completely cloud-based, you are safe from attack. Unfortunately, off-premises doesn’t mean out of danger. Files residing in Dropbox or Google Drive are just as vulnerable; automatic sync can send documents infected locally into the cloud. Furthermore, the data from any SaaS apps you use can be corrupted as well. And because many people may be drawing from your cloud services, ransomware can inadvertently be spread in a hurry. As if that wasn’t scary enough, industry experts, including MIT Technology Review, are expecting cloud-based services to be the next big target of cyberattackers using ransomware, meaning you could do everything right and be burned because a provider was targeted.

Smart Backups

Beyond the gloom and doom, organizations can take substantial, proactive steps to protect themselves from ransomware. One effective strategy is smart, robust backups of your files and systems. Paying the ransom is never recommended because there’s no guarantee you’ll get the data back undamaged—or at all. Therefore, the ability to restore systems to their pre-attack state is essential to get your business’s operations up and running again.

Backups can be on-premises, off-site, or in the cloud (or some combination thereof), and the best options update your data often, can be restored quickly, and include some sort of malware protection. Keep in mind that if much of your data already resides in the cloud, that’s not a sufficient backup—use a separate cloud source or non-cloud option for maximum protection.

Proactive Security

The best strategy against ransomware is to never let it invade your systems in the first place. Although some applications include anti-ransomware as part of their security measures, it often is inadequate to protect against modern and constantly evolving threats. Therefore, a top-notch third-party solution is your best bet to keep ransomware at bay. The best platforms take a multi-layered approach to protection by preventing threats from reaching inboxes, filtering suspicious websites, identifying potentially infected files, and removing any lingering ransomware that might already be residing in your systems.

Plenty of other cyber dangers put organizations at risk, but ransomware is getting the headlines for good reason: According to the Verizon 2018 Data Breach Investigations Report, 39 percent of identified malicious software is ransomware, outpacing all other threats. The cloud can’t avoid that storm, so protecting your organization must be a priority.