Ransomware is a form of cyber extorsion, with potentially devastating consequences for businesses of all sizes.
Ransomware attacks have increased significantly over the past months, especially with the global switch to remote working as a result of the COVID-19 pandemic. The bad news is not just that it’s on the rise, but that it is evolving, and is now posing a real threat to cloud-based platforms.
What is RansomCloud?
RansomCloud is a type of ransomware attack that invades the cloud to retrieve data and encrypt it, demanding a ransom from the business or individual in order for them to regain access to their data.
How does RansomCloud work?
In RansomCloud, the attacker typically sends an email that looks legitimate with a link inside (also known as phishing email). When the individual opens the email and clicks on the link, the ransomware is deployed to encrypt data.
The attacker then holds the data hostage and demands payment from the victim.
More damage can be caused if the attacker takes advantage of the victim’s contacts to extend the attack and disperse malware.
As it stands, this type of attack can happen to anyone. It relies on something as simple as an individual clicking on a link, to then lock files for the entire business.
Kevin Mitnick, who was once the world’s most wanted hacker and is now an IT security consultant, shows just how easy it is to fall victim of RansomCloud in the video below. He demonstrates how the new type of ransomware encrypts cloud email accounts, such as Office 365.
Why should businesses be concerned?
RansomCloud targets your data in the cloud, which means attackers can get hold of critical data from cloud-based platforms like Google and Microsoft. Yes, that means they can easily encrypt business email accounts from Office 365.
It’s a high risk for businesses, most of which count with the “security” of the cloud to host their files and data. RansomCloud has the ability to invade and encrypt employees’ emails, as well as lock them out of SharePoint and OneDrive.
Businesses run on email – and when members of staff lose access to their email accounts and contacts, business operations can be massively disrupted.
Something not commonly known is that Office 365 data is not safely backed up my Microsoft. In fact, in the Microsoft Service Agreement, it is clearly stated that in the event of an outage or disruption to the service, you may not be able to retrieve your data, and is is recommended that users regularly back up their data with a third-party app / service.
How to protect your business
Ransomware is not new, but it certainly is evolving. As attackers get smarter and more devious with the ways in which they attack, it’s now essential for organisations to tick all the boxes on the cyber security list to stay protected.
Cloud-platforms, like Microsoft and Google, don’t back up files automatically for you. That’s why businesses are recommended to make use of third-party back-up services, to make sure their employees’ data is fully backed up and always recoverable, so if they were to become a victim of RansomCloud, they can get back on track in no time.
Here’s some ways to protect your organisation:
- Protect your email. If you use Microsoft Office 365, use backup service to protect your data and make it recoverable should the worst happen.
- Keep software and systems up to date. This helps to benefit from the latest security measures in applications and minimise vulnerabilities.
- Protect your devices with antivirus / cybersecurity software and apply multi-layered protection. These measures can be incredibly helpful in the fight against malware and phishing attacks.
- Train staff. It’s very important that employees learn key security practices; get into the habit of using virtual private networks (VPNs), and learn how to identify phishing emails, which can be highly deceptive.
- Monitor your server to make sure it is protected from ransomware risks.
Getting Backup for Microsoft Office 365
At Euro Systems, we offer a backup service specifically designed for Microsoft Office 365, to protect businesses from many risks of losing data, including the newly evolved ransom known as ‘RansomCloud’.
Backup for Office 365 covers Mail, Calendar, Contacts, OneDrive and SharePoint, to fully protect organisations’ data.
The service takes no time to implement and it’s extremely important for companies that are not backing up their files and data from Office 365.
With a reliable backup service, you can work with peace of mind, knowing that their data is protected, backed up and recoverable – should the worst happen.
Get in touch to upgrade your IT security and backup strategy.