Contrary to popular belief, ransomware is not a new concept. Its first ever iteration came about back in 1991, a.k.a. almost two decades ago, when the Internet was still in its incipient stage. It was known as PC Cyborg, and it was spread by a biologist who sent other researchers infected floppy disks through surface mail.
Ransomware: Who Does It Target?
While ransomware might have been around for almost 20 years at this point, it was only five years ago that the issue truly blossomed. It all began with CryptoLocker, a classic malware that sealed user files and demanded money for their safe decryption. Over the course of one year, it infected nearly 500,000 machines, a number some would say is rather impressive.
Nevertheless, CryptoLocker was as primitive as malware comes, as it was spread through spam emails. This made it easy for the Operation Tovar white-hat campaign to eradicate it. But while this situation was put to rest, it also created a precedent. The floodgates were now open for other malicious third parties to use ransomware for their unlawful intents.
In the years to come, more and more large-scale attacks followed. Perhaps the first truly famous one was the WannaCry ransomware infection of 2017. Avast’s director of strategy Johnathan Penn declared it the worst in history, as it spread like wildfire over 116 European and global countries in just four days.
The whole shebang started on May 12th, and 250,000 machines were compromised by the 15th. What made it so interesting was the fact that it used an NSA-grade hacking tool that exploits Microsoft defects and gaps in security protocol, namely EternalBlue. Then NotPetya, Petya’s refined sibling, came in and sealed the deal.
NotPetya was so aggressive that it wasn’t even considered a ransomware case anymore, but rather a full-blown cyber attack. It originated from Russia and had Ukraine as its main target, shutting down hospitals and other institutions in the process. Many saw it less like an instance of hacking and more like a political statement of sorts.
So, who does ransomware target? The answer is: everyone. While the main idea behind it is to either wipe out data or extort people who have money for the payoff, anyone can be a victim. Fortunately, a simple and cost-effective solution to the problem comes in the form of cloud, and we will explore this in the next section of the article.
Cloud to the Rescue
Companies affected by ransomware lose an average of 713,000 dollars through paying their attackers to unlock files, and then revamping and repairing their security protocols and infrastructure. In addition to this, a part of this sum also goes into a reputation-enhancing campaign aimed to regain the trust of clients.
And yet, not many businesses out there make too much of an effort to protect their data and prevent infections in the first place. In fact, only 21% of small and medium-sized American firms stated that they are prepared to face any cyberthreat that might come their way, as highlighted by a Webroot survey. This is concerning, to say the least.
And yet, the solution is obvious and accessible for all. We’re talking about the cloud, of course. Securing company data in the cloud first and foremost means that you will always have a backup of the important files on servers, which eliminates the need to buy into this type of extortion, to begin with.
Furthermore, you are placing your sensitive information in the hands of large companies that are far better equipped to prevent or handle security breaches. After all, most cloud-based platforms are created by reputable names in the industry, such as Google, Amazon, Oracle, or IBM. When you sign with them, you can expect the best possible protection.
Cloud service providers have enforced security protocols that protect the core of their business, and they also maintain exemplary practices and procedures in the name of their clients. Due to this, using a platform of this kind to store company files on won’t only secure them better, but reduce costs within your firm as well.
In a nutshell, you won’t need to invest excessive amounts of money in your own infrastructure and the staff running it, as this is included in the cost of the cloud storage package. It’s always recommended to stay protected on all fronts, but when you have an ally in the guise of a huge tech company by your side, the process becomes a thousand times simpler.
Potential Threats and Predictions
When the world’s most vicious ransomware attacks yet hit computers in 2017, the cloud seemed like the obvious choice for protection. It provided businesses with safe storage for their files, as attackers didn’t possess the necessary tools to corrupt such a platform quite yet. What is more, it was extremely accessible and cost-effective for many smaller firms.
However, according to the MIT Technology Review, this all changed in 2018. The esteemed university’s predictions for the current year are grim ones, as it seems hackers were expected to start making use of machine learning protocols and artificial intelligence neural networks to develop bugs that are more and more aggressive.
This is corroborated by the findings of the 2018 McAfee Labs Threat Predictions evaluation. While it is true that machine learning can be a great line of defense against cyber attacks, it can also be used by aggressors in similar ways. As easy as IT specialists can use this to detect vulnerabilities and fix them, so can hackers do the same to exploit them.
While it is true we haven’t seen this happen yet, one of the biggest security breaches of 2018 was indeed related to cloud storage systems, although ransomware played no part in it. Data aggregation company Exactis left 340 million private records in the public eye through a ridiculously easy to avoid database misconfiguration at the level of their cloud service.
The cloud is no longer untouchable, and ransomware will catch up with it soon enough. After all, if Russian hackers could turn the primitive Petya virus into one of the most ferocious and hard to combat ransomware infections throughout one short year, imagine what the same malevolent minds can do with today’s robust technology.
The Bottom Line
The ransomware frenzy that started roughly five years ago doesn’t seem willing to stop too soon. While the cloud is the obvious solution here, it shouldn’t be considered 100% failsafe by any means. Hackers are becoming more and more resourceful as they use modern technology for their nefarious purposes, which makes proactive protection the only viable solution.
About the Author: Cristopher Burge
Cristopher Burge is a very passionate writer with a master’s degree in information technology, specialized in network management and defense. His biggest passion is, of course, technology. He loves researching and writing about it because he believes that it should be our ally. On his website, Cloud Storage Advice, you can find more detailed information about online storage, reviews, and hot trends.
You really think that putting something in the cloud automagically makes it backed up? It’s obvious you have never been the administrator of a laptop, let alone a corporate IT infrastructure…