Cyber world has constantly faced the troubles from attackers of various ways. Giants like Yahoo and Ashley Madison went through the struggle of user data breach, recently. Among more recent incidences, WannaCry ransomware attacked several government and finance organizations across the world that disturbed the operations intensely. The latest victim in the list is Cloudnine Realtime.
Cloudnine Realtime Ransomware Attack
Cloudnine, a cloud hosting provider, was attacked by ransomware that caused the disturbance with service availability, lasted for some days. Letter from Alessandra Lezama, CEO of AbacusNext ( the company that acquired Cloud9 Realtime in Feb this year), claims that data centers located in California and Texas, which host nearly 30% of the clients, were affected. Data centers located in California were recovered on the day of attack but the Texas-based data centers took longer. The letter also mentions that all the files were recovered successfully without any permanent loss but it does not assure if the client data was just encrypted or also accessed by the attackers, which can be considered a sign of trouble that still looms large on the horizon.
The company is known for serving accounting sector clients and because of the attack, several clients were not able to access their accounting applications and data. When the issue started, the support team of the company, reportedly, assured that the issue will be resolved in some time. However, the issue pertained for long and some customers even reported that customer support stopped responding to calls and emails later.
You may also like to read: What Digital CPAs Can Learn from Yahoo Attack?
Understanding Ransomware Attacks
Ransomware are malware programs that access and encrypt the data into an illegible (or inaccessible) format. The attacker then demands ransom from the data owner to revert the data back to its original format. The popularity of Bitcoin has also attracted the attention of such attackers as it is the mostly the method is which ransom is demanded.
The number of such attacks has increased in the recent times. Verizon Data Breach Investigations Report (DBIR) 2014 listed ransomware at 22nd spot in the list of most common form of malware and it has raced to 5th spot in 2017. Individuals, businesses of all sizes, and even government bodies have been victims of such cases. Different victims have opted for different resort to handle the attack. While some paid the ransom, others managed somehow recover the data. A few ended up losing the data permanently as well.
Prevention is Better Than Cure. Always!
Accessibility of the attacker to the data makes the way for the attacker to launch ransomware. Here are some of the ways that can help you stay safe:
Secure storage of the data:
Password protection to the data is the primary step in the process for securing data. Verizon DBIR 2017 suggests that 81% of the breaches are caused because of passwords, which could have been stolen and/or weak. So, keep your password protected. Changing them often and with a strong one is the way to go.
Opting for end-to-end encryption is another important step, especially for the storage that involves network process. It ensures that data is not compromised during the network transmission or in the cloud-based storage.
Be Watchful with Emails
Emails have a reputation of making the way for malware since long. 66% of the malware are installed over email attachments, according to Verizon DBIR 2017. If the links mentioned in the email are also taken into consideration, the numbers will soar further.
As the users and email service providers strengthen their ends to block the attacks, the attackers are opting for enhanced methods to trick their way around. It has been found that some attackers involve the victims in email threads to gain the trusted access to the emails before sending any malicious element. The attacker may even the use the email domain that is like the email contact victim often interacts with. Representing as someone known they lay their path for attack or malicious software.
Software Installation Needs Attention
Software make life easy, but that can turn completely opposite, at times. Many software, especially the free ones, bring with them various malware such as spyware, adware, etc. Be watchful with the software vendor. They must be trustable. But the job is not over with that. Attention is required for the installation process as well – which mandatory permissions the software requests, does it carry any add-on software, etc. Do not click ‘I Agree’ without reading what you are supposed to agree with.
Important Considerations with Cloud Services
Security was prime concerns with cloud services when they arrived in the market. With improvements in security technologies over the years, cloud services have come up as a reliable and secure host for data and applications. At the same time, attackers have discovered newer ways to intrude and cause the troubles, such as ransomware attacks. To stay protected while working on cloud services, here are some ways you can adopt.
Pick a reliable cloud service provider:
Almost every cloud service provider claims to be safe. So, how do you make your pick?
Question them on security technologies and practices that they offer. Experience with the services is also an indication of their ability to tackle attacks. Maintaining a clean sheet for years in continuity speaks a lot for them. You can also demand their disaster management plan and SLA. Before making a choice, test them on trial. Some brands even prefer to get the third-party security analysis report. Once you are satisfied on all these grounds, choose the service provider.
Data centers, their location, networking and backup:
You can consider data center location, cross-data center networking, and backup practices to count on the reliability of cloud services provider. Usually, service providers opt for third-party data centers because of various positive reasons. Therefore, being aware of the data centers on which your data and applications will be hosted can play a crucial role.
Availability of Support:
In the case of Cloud9 attack, a major setback for the clients was the unavailability of the customer support for a significant duration. It could be because of heavy customer queries that might have slowed down the response time. But in the professional arena, excuses are not usually accepted, however genuine they may be. Responsiveness of the customer support adds to the trust of the client when the services may not be at their best. Nice words from company representatives keep the trust with the services intact and it also keeps client aware of the situation, which keeps them in the right position of deciding in such situations.
Want to interact with our security experts for a tip?