Businesses are moving to the cloud, taking advantage of the increased speed and efficiency it provides for data transfer and collaboration. Unfortunately for them, threat actors are abusing the same technology to accelerate the spread of cybercrime.
Cloud Security Alliance CEO Jim Reavis says the intrinsic nature of the cloud, which makes it appealing to businesses, is also viewed by malicious actors as a "fast lane" for ransomware proliferation. The foundation for strong ransomware protection in the cloud is a clean, secure internal network.
"It is important to have the best internal network hygiene possible: least privilege network architectures, microsegmentation, disabling extraneous network services running on desktops is a must," he says.
In many ways, protecting your business from ransomware in the cloud isn't different from endpoint ransomware protection, says John Pironti, president of IP Architects. He emphasizes the importance of maintaining basic security practices to protect against ransomware.
"It's the basics that always solve the problem," he explains. Patching and hardening systems are especially critical regardless of where data is stored. "It's IT security hygiene. If you do these things, the other things are irrelevant."
However, many businesses are not properly protecting themselves, and are leaving their data vulnerable to potentially disastrous attacks.
"Ransomware is different than traditional confidentiality attacks that infosec has obsessed over for many years," says independent security consultant Gal Shpantzer. "It's an availability attack, but unlike, say, DDoS, the attack is more intrusive, shuts down servers and not just pipelines, and can destroy vast quantities of data if not properly restored."
Here, cloud security pros share their advice on how businesses can protect their cloud environments from ransomware, and what they should do to mitigate the effects of an attack after it occurs.