White Paper

Cloud-Native Ransomware – How attacks on availability leverage cloud services

Cloud-Native Ransomware – How attacks on availability leverage cloud services

How Ransomware affects cloud-hosted enterprise data

Ransomware is a financially motivated crime with the goal of inhibiting business systems and obtaining a ransom payment. Historically, ransoming data residing in traditional on-premises enterprise workloads and government systems have resulted in ample financial gain for assailants using ransomware attacks. With the expanding cloud footprint of modern digital systems, organizations are now trying to determine if ransomware can affect cloud-based workloads to the same degree, and further pondering “will there be evolutionary pressure on attackers which forces them to evolve their tactics.”

With recent observations of trends in cloud adoption and data migration, my conclusion is such: I do not see how ransomware COULD NOT become a larger problem for global business.

My thesis on this subject can be summarized simply as: Wherever critical data lives, ransomware will go. When business data resides in the Cloud, rather than, say, in an on-premises database, it makes financial sense for attackers to evolve their tactics to target cloud systems with the same objectives as on-prem systems.

This paper serves to outline paths a malicious actor in the cloud might take to affect the availability of data by using the tools provided by the Cloud Service Provider (CSP). In addition to attacker behaviors, I have outlined proactive steps to secure cloud APIs which provide cryptographic services, architectural patterns to make securing these systems easier and methods for detecting cloud-native ransomware.

Kat Traxler

Select language to download
Instant Free Access
Oops! Something went wrong while submitting the form.
Instant Free Access
Oops! Something went wrong while submitting the form.

Trusted by experts and enterprises worldwide