Ransomware is the flavor of the month for cybercriminals. The FBI reports that ransomware attacks rose 20% and losses almost tripled in 2020. And our increased use of the cloud may have played a part in that spike. A survey of CISOs conducted by IDC earlier this year found that 98% of their companies suffered at least one cloud data breach in the previous 18 months as opposed to 79% last year, and numbers got worse the more exposure they had to the cloud.
Organizations now use hundreds of cloud-based apps, which adds thousands of new identities logging in to their systems. This opens almost unlimited possibilities for hackers. Even if cloud vendors have their own identity and access management controls, vulnerabilities will emerge. In fact, recent research into cloud security found that over 70% of organizations had machines open to the public that were linked to identities whose permissions were vulnerable, under the right conditions, to being exploited to launch ransomware attacks.
A number of reasons could explain why security falls through the cracks of many cloud systems, and leaves them more vulnerable to ransomware attacks.
First, cloud security is a shared responsibility. User organizations and cloud service providers share security efforts, but this sometimes leads to security gaps and complexity in the management of risk. Misconfigurations also occur, with sensitive assets left exposed to external access, or controls weakened unintentionally. And there’s the issue of excessive entitlements, where some identities have privileges far beyond what the user needs.
In addition, security pros are up against poor access key management; just like users need to change their passwords, access keys need to change to thwart hackers. And many organizations aren’t using cloud provider controls effectively. Each cloud vendor has their own identity and access management system to protect their servers, but not all organizations use them or make sure they play well with their own IAM systems.
How to Mitigate Ransomware Risks in the Cloud
The following best practices can prevent ransomware from compromising cloud resources.
Ransomware is not going away. Developing a strong security posture in the cloud should be an ongoing effort, but the tools are available to make the task easier. Tasks can be automated, access and privileges tightened and identities managed more effectively. The first step is to understand that vulnerabilities are a fact of digital life.
Copyright © 2021 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.