August 15, 2020

Volume X, Number 228

August 14, 2020

Subscribe to Latest Legal News and Analysis

August 13, 2020

Subscribe to Latest Legal News and Analysis

August 12, 2020

Subscribe to Latest Legal News and Analysis

Ransomware’s next target –THE CLOUD!

Darkreading.com reported there the cloud is likely the next target since “…most public cloud providers do supply basic security controls, they may not include all of the latest security services needed to prevent more evasive threats.”  The February 11, 2020 article entitled “Why Ransomware Will Soon Target the Cloud” which included these three reasons why the cloud is the next ransomware target:

First, the cloud has been left largely untouched by ransomware so far, so it's a new market opportunity for attackers.

Second, the data and services stored or run through the cloud are now critical to the day-to-day operations of many businesses. Five years ago, a company might have been able to function without its cloud deployment in the short term, so the pressure to pay a ransom wouldn't have been as high. Now, most businesses will be crippled if they lose access to their public or private cloud assets. That creates the same intense pressure to restore services quickly that we've seen with hospitals, city governments, and power plants over the last few years.

Third, the cloud offers an attractive aggregation point that allows attackers to access a much larger population of victims. Encrypting a single physical Amazon Web Server could lock up data for dozens of companies that have rented space on that server. As an example, several attacks in the first and second quarters of 2019 involved bad actors hijacking multiple managed service providers' management tools and using them as a strategic entry point from which to spread Sodinokibi and Gandcrab ransomware to their customer rosters. The same principle applies here — hacking a central, cloud-based property allowed attackers to hit dozens or hundreds of victims.

What do you think?

© 2020 Foley & Lardner LLPNational Law Review, Volume X, Number 49

TRENDING LEGAL ANALYSIS


About this Author

Peter Vogel, trial attorney, Foley Lardner
Partner

Peter Vogel is renowned as both a trial and transactional lawyer who deeply understands technology, science and intellectual property, and the opportunities and problems they pose for clients. Governments and administrative agencies, as well as major corporations and emerging businesses, rely on Peter to get right to the heart of an information technology or e-discovery dispute; he knows what to expect and how it will play out in the courtroom. This eliminates unproductive rabbit trails and reduces the cost of litigation for all parties. When negotiating agreements for...

214-999-4422