Ransomware Rumblings in the Cloud

Ransomware Rumblings in the Cloud
Neil Murray is the chief technology officer at Mimecast
Published: 12 September 2017 - 9:12 a.m.
By: CommsMEA staff writer

If you think a ransomware encrypted desktop computer is enough to make you wannacry, imagine how you’ll feel when hackers make the inevitable leap into the cloud – and the techniques and tools they need to make hostages of cloud services and data are already in the wild.

Without doubt, ransomware is now the technique of choice for cybercriminals with a recent PhishMe report showing that 93% percent of all phishing emails contained encryption ransomware.

It’s not hard to see why. Ransomware has proven so effective at extracting hard cash from its victims – faced with a £400 bill to restore access to vital data, plenty of small firms simply pay up and move on.
As a result, it’s been big news too – speculation as to the origins of ransomware code has filled many a column inch.  

In my view, however, we should be thinking less about ransomware’s past and a lot more about its future – and by that, I mean a future in the cloud.

Cloudy with outbreaks of extortion

There are a number of factors that make cloud services and data obvious targets for ransomware attackers – and they all relate to the scale of the opportunity and the enormous payoffs on offer.

Clearly, the potential financial upside for attackers is the most important – and the numbers here dwarf the £8 billion cost of WannaCry.  A recent Lloyd’s of London emerging risk report, estimated that a ransomware-style attack on a cloud service provider could trigger total, worldwide losses of $121billion.

With that kind of bounty on offer, does anyone really think hackers won’t move on to the cloud at some point?

If that was not enticement enough, the cloud also represents a relatively easy target.  Not because of some inherent flaw in the model, but because of the near ubiquity of cloud adoption and a widespread failure to properly mitigate the risk of ‘denial of access’ attacks.  

A big target

To put that in context, Microsoft’s latest earnings announcement reported Office 365 revenue growth of 45%, while revenue from its cloud unit rose by about 11 per cent to $7.43 billion in the fiscal fourth quarter ended June 30.  

Indeed, according to Microsoft, Office 365 now serves over 100 million users, and is adding new users at a rate of 40% annually.  

Bear in mind that the vast majority of ransomware attacks are delivered via email – a service at the heart of Office 365, and the size of the target base for cybercriminals becomes clear.

Click here to add your comment

Please add your comment below
Your email address will not be published