Estimated reading time: 2 minutes, 46 seconds

Malware is not a new phenomenon in the computing world. Viruses, trojans, and other forms of malicious software have been around at least since personal computers started popping up on users’ desks. It’s the reason that antivirus software is recommended for all systems and why you should never open a suspicious file or email attachment. Doing so risks infection by damaging software hidden in the downloaded files.

In recent years, an especially pernicious form of malware, known as ransomware, has been affecting computer systems with devastating results. This particular type of attack encrypts or locks a user’s data and demands financial payment to get the information back. In some cases, even if payment is made access to the files is not restored. Infection with ransomware can be catastrophic for the organizations it impacts.

The Cloud is not Immune to Ransomware Infection

The purveyors of ransomware search for targets that have the financial resources to meet their demands. They have been going after medical offices and small businesses for years and are now also turning their sights to cloud providers and applications. These businesses cannot afford any extensive downtime without causing major problems for their clients. The providers have a business imperative to quickly settle with the criminals to avoid extended outages and the ensuing hit to their reputation.

Here are some examples of how ransomware has impacted cloud service providers and, by extension, the customers who depend on them.

Cloud computing provider iNSYNQ, which specializes in furnishing virtual desktop environments to its customers, was attacked with ransomware from a strain called MegaCortex in July of 2019. The infection caused the loss of access to customer data that lasted over a week in an industry where outages usually are resolved within a few hours. The company had to take down their infrastructure to prevent further spread of the malware and were tasked with rebuilding and restoring the data for thousands of servers.

Cloud hosting provider Cloudnine Real Time was hit with ransomware in September of 2017. The attack compromised data from 30% of its customers by locking their files and making them inaccessible. It took almost a week to fully recover user data from backups, some of which had also been infected with corrupt files. Fortunately no data was stolen by the hackers, so once the restore process was completed it was back to business as usual for the company.

The foreign exchange company Travelex was attacked on this past New Year’s Eve by malware named Sodinokibi, causing a severe impact on its ability to provide services to its customers. The cybercriminals are demanding a payment of $6 million and are claiming to have taken 5 GB of customer data that it is holding until the ransom demands are met. Travelex is still scrambling to understand the full scope of the intrusion and may be open to additional penalties, if data has been stolen, for not notifying the proper organizations promptly. This puts them at odds with the European Union’s General Data Protection Regulations (GDPR) which require reporting of potentially customer-impacting data breaches within 72 hours.

While the cloud offers many benefits to the computing community, it is not immune to the threats of ransomware and other malicious software. It’s something else to consider when making plans to migrate your data or services to a cloud provider.

Last modified on Monday, 27 January 2020
Read 621 times
Rate this item
(0 votes)
 Robert Agar

I am a freelance writer who graduated from Pace University in New York with a Computer Science degree in 1992. Over the course of a long IT career I have worked for a number of large service providers in a variety of roles revolving around data storage and protection. I currently reside in northeastern Pennsylvania where I write from my home office.

Visit other PMG Sites:

click me
PMG360 is committed to protecting the privacy of the personal data we collect from our subscribers/agents/customers/exhibitors and sponsors. On May 25th, the European's GDPR policy will be enforced. Nothing is changing about your current settings or how your information is processed, however, we have made a few changes. We have updated our Privacy Policy and Cookie Policy to make it easier for you to understand what information we collect, how and why we collect it.
Ok Decline