How cloud is changing ransomware security

Between the Petya and WannaCry ransomware attacks, it has never been more important for organizations, companies, the healthcare industry, and pretty much all computer users to take ransomware security seriously. These two attacks hit thousands of computers, stole millions of dollars worth of data and otherwise had the potential to cause serious harm across the networks and systems they infected. But as the world gravitates towards cloud computing and cloud storage, what does this mean in the fight against ransomware attacks?

First, we have to dispel the notion that your data is 100% safe in the cloud. It’s not. While it is safer, overconfidence can be the death of caution and in the world of mass ransomware attacks, being careless is a good way to lose your data.

A study by Cybersecurity Ventures predicts that global annual cyber crime costs will balloon from $3 trillion in 2015 to $6 trillion by 2021, which takes into account damage and destruction of data, stolen money, lost productivity, theft of intellectual property, data theft, embezzlement, fraud, and a whole slew of other cyber crimes. In response, global spending on cyber security products and services is similarly set to exceed $1 trillion over the next five years. The study also found that around half of all cyber crimes target small businesses.

While Petya and WannaCry exposed exploits inherent in Windows OS that were lagging in terms of updates, the cloud offers both new solutions to ransomware security and new vulnerabilities. Considering that 85% of enterprises have a multi-cloud strategy as of 2017, according to a RightScale survey, understanding what the cloud does and doesn’t do to combat ransomware attacks is critical.

Cloud updates

By natures of being one of the newest forms of technology, the cloud is probably the most up-to-date system for your data storage needs. That can go a long way in protecting your data as exploits are continuously ferreted out and patched.

Some of the biggest vulnerabilities in data storage networks stem from the many exploits that can be used to infect said the system with malware and ransomware. Consider EternalBlue, an exploit on Windows OS. Used by both Petya and WannaCry, EternalBlue was used to spread viruses through the network via a server message bloc glitch. The exploit essentially meant that the two malware were able to bypass ransomware security. This exploit was patched, however, by Microsoft and therefore most updated systems should be protected.

While EternalBlue doesn’t necessarily apply to cloud ransomware security directly, what it does show is how critical it is to have your systems fully updated. By nature of being in the cloud, you’re more likely to be running on the most current and therefore secure versions of programs and software, adding a layer of defence that is not present in other forms of data storage.

Find a trusted cloud storage provider

A lot of cloud storage involves some of the biggest names in tech, like Google and Amazon. That’s a good thing for ransomware security.

The fact is that Google and Amazon have billions of dollars on the line if they are hacked. Their respective market shares could fall, trust in their names could be soiled, and their businesses could be severely hampered by an extensive breach. The point being that they have a lot to lose if they don’t protect their cloud storage services. And that means they’ll be throwing their full, mighty weight behind instituting the best security practices and systems available.

While there are many cloud storage providers, finding the right one with the right security apparatus is key to keeping your data safe in the brave new world of endless ransomware attacks. hybrid cloud networking can be used in combination with a private cloud, where the private cloud hosts the sensitive data. This approach allows you to utilize the advantages of a trusted cloud provider without such a risk of ransomware attacks.

Consider that breaching Google’s cloud storage would be like winning the hacker’s lottery, and yet, despite the massive target on its back, Google’s cloud data storage has yet to be successfully breached.

Google and other major service providers implement extensive security measures that ensure that cloud storage is safe and secure, and as such, employing the services of a well-trusted provider could make a world of difference in terms of combatting ransomware in the cloud.

So next time you see a discount, fly-by-night cloud data storage service, run in the opposite direction.

Backup your data

The cloud offers excellent options for disaster recovery. Having your data backed-up is a great way to avoid feeling the pain of a ransomware security breach.

While many businesses do store their data in backup storage, by having it on site there’s a chance that the ransomware could infect the backup drives much in the same way it initially breached your system.

No matter how many firewalls and checks you place between your backup files and your main system, there’s always a chance that the malware could have made its way into those files as well by virtue of the connection the disaster recovery files and original files share.

The cloud offers perhaps the most extensive disaster recovery services out there right now, with many ways to tailor the service to suit your specific needs.

And, as mentioned before, the cloud generally offers better security in the first place, so you don’t have to fret as much about your backup data also being infected.

It’s a smart contingency that will dramatically reduce the cost of a malware or ransomware attack.

The fact is that you can never be 100% safe and 100% guarded. A breach may happen and if it does, the key to avoiding disaster is to be prepared for that scenario and respond accordingly.

Train your staff

Whether on your business network or the one at home, making sure that every individual user is well-versed in ransomware security best practices will go a long way to protecting data stored in both the cloud and on your physical drives.

The fact is that human error is often the main point of entry for these types of ransomware attacks. Clicking on a seemingly benign link can open you up to a variety of malicious attacks. Instituting and enforcing ransomware security best practices will go a long way to making sure you’re protected.

Happily contributed by Sean Westbrook – a content specialist for an IT disaster recovery solution provider. Sean is a dreamer, idea generator and teller of stories. Sean is also a Basketball fan, traveller, and vintage furniture lover.