No matter if you are a business owner or work in any other sector like healthcare, education, or finance – in 2020, ransomware is officially after your cloud data. This new, more malicious type of ransomware is called ransomware 2.0.
So, how do your files in the cloud get compromised during the ransomware attack?
The first and more traditional way is through the file synching application: ransomware infects the device that runs a synch program, so the synched files in the cloud get encrypted as well.
The new type of ransomware can infect your cloud data straight in the cloud, bypassing all the desktop antiviruses and often aiming straight to your cloud storage. There, it encrypts emails, documents, calendars, and contacts, depending on the type and purpose of the ransomware.
Let’s take a look at how you can get emails compromised by cloud ransomware attack:
Table of Contents
The Sequencing of The Cloud Computing Attack
1. A user gets a phishing email
Even though it seems harmless, there are still signs by which you can understand it is a scam:
- Screaming title
- Urge to click
- Big button with a call to action
In the video, the user proceeds to the site by pressing the button.
2. A user provides requested permissions
This is the most critical step. When you provide a site or an application with permissions it requested, they get to insert malicious code in whatever you gave access to. In the case in the video, hackers had three opportunities: delete emails, encrypt them, or steal information.
3. Emails in the cloud are encrypted
As you can see in the video, it takes a few seconds to encrypt a whole mailbox. The same is fair for any type of data in the cloud: documents, calendars, contacts, sites, presentations, etc. And when those are shared and are a necessity for the whole department, it becomes a huge problem for companies and institutions.
Moreover, this type of ransomware is able to infect cloud backup as well. This is what makes this ransomware 2.0 one of the biggest cloud threats of 2020.
How to protect your data from cloud ransomware attacks
New threats require new solutions; you can’t beat this type of ransomware with antivirus and backup only. That is why we’ve created SpinOne – a cybersecurity platform that is designed to detect and block all the new cloud cyber threats.
SpinOne provides you with the necessary arsenal of tools to keep your cloud data safe and sound:
- SpinBackup – a secure backup service 3x a day with fast selective data recovery;
- SpinSecurity – ransomware protection that monitors your cloud data 24/7 and detects and stops ransomware attacks.
- SpinAudit – AI-based security monitoring of all connected applications, brute-force attacks, and sensitive information sharing.
Want to see how it works?