How hackers can sneak ransomware onto your computer when you use the cloud, and how to avoid it

Ransomware is one of the main threats facing Internet users: this type of malware can not only steal all our data, but also encrypt it completely to demand a ransom. Although there are different types of ransomware, we must be very careful with everything we download from the cloud, because it could contain a poisoned “gift” that automatically encrypts all our files and folders. In this article we explain the main ways ransomware can be delivered when you use the cloud, and what to do to avoid it.

Methods to get infected with cloud ransomware

Cybercriminals know that ransomware is one of the most harmful kinds of malware and the one that makes them the most money. For this reason, the vast majority of today's attacks on users' computers consist of encrypting them and then demanding a ransom for all the encrypted information. Cybercriminals make use of cloud services to infect end users; here are the main methods they use:

  • Sending malicious emails with links to cloud storage services.
  • Designing web pages that imitate legitimate ones but directly download malware.

Furthermore, we must not forget that in recent months cybercriminals have been targeting not only end users, but also companies that run all their services on Amazon Web Services, Microsoft Azure, and even Google Cloud. These three companies are the “giants” of the cloud, and they are focusing on detecting and blocking ransomware in their services to protect their customers (the companies that contract the services). The methods cybercriminals use to infect the different clouds are:

  • Scanning and exploitation of vulnerabilities in the different clouds, since they use software that could have security flaws.
  • Flaws in the security configuration of the different services, which leave the “door open” for cybercriminals.
  • DDoS attacks targeting the organization as a distraction while its computers are infected with ransomware.

As you can see, cybercriminals are targeting not only end users, but also companies that are hosted in the cloud. In fact, attacks directed at these companies could also end up infecting their end customers.

How to avoid infection

If you are an end user, you should take certain precautions to avoid getting infected, or to recover from the data encryption if you do get infected:

  • Use an up-to-date antivirus that is capable of detecting ransomware before it “touches” your computer.
  • Use a ransomware protection system, so that when malware starts encrypting data, the security system detects this behavior and automatically blocks the process and removes it.
  • Don’t click on phishing emails you receive.
  • Do not enter websites of dubious reputation.
  • Make 3-2-1 backup copies to adequately protect your data and restore all the information in case you need it.
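
The behavior-based protection mentioned in the list above (spotting a process as it starts encrypting data) can be sketched with a simple heuristic: many files rewritten from low-entropy to high-entropy content within a short time. This is an added example, not code from any product or provider the article mentions; the threshold, time window, file names and sample data are assumptions constructed for illustration.

```python
import math
from collections import Counter, deque
from hashlib import sha256

def shannon_entropy(data: bytes) -> float:
    """Bits per byte: roughly 4-5 for text, close to 8 for encrypted data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def detect_mass_encryption(events, window=10.0, min_files=3, threshold=7.5):
    """events: iterable of (time_s, path, old_bytes, new_bytes), sorted by time.
    Returns the paths of the first burst of >= min_files files rewritten from
    low to high entropy within `window` seconds, or [] if there is none."""
    recent = deque()  # (time, path) of suspicious rewrites still inside the window
    for t, path, old, new in events:
        # Only a low -> high transition counts: files that were already
        # compressed (zip, jpg) are high-entropy before and after a normal save.
        if shannon_entropy(old) < threshold <= shannon_entropy(new):
            recent.append((t, path))
        while recent and t - recent[0][0] > window:
            recent.popleft()
        paths = {p for _, p in recent}
        if len(paths) >= min_files:
            return sorted(paths)
    return []

# Constructed sample data: plain text, and pseudo-random bytes standing in for ciphertext.
TEXT = b"Quarterly report draft, version 2. " * 120

def fake_ciphertext(seed: int) -> bytes:
    return b"".join(sha256(bytes([seed, i])).digest() for i in range(128))

NORMAL = [(0.0, "a.txt", TEXT, TEXT + b"edit"), (400.0, "b.txt", TEXT, TEXT[:900])]
ATTACK = [(1.0, "a.txt", TEXT, fake_ciphertext(1)),
          (1.4, "b.txt", TEXT, fake_ciphertext(2)),
          (2.1, "c.txt", TEXT, fake_ciphertext(3))]

if __name__ == "__main__":
    print("normal editing:", detect_mass_encryption(NORMAL))
    print("burst of encryption:", detect_mass_encryption(ATTACK))
```

A heuristic like this only limits the damage once encryption has begun, which is why the backup item in the same list remains necessary.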

If you run a company and use these services from Google Cloud, Amazon AWS or Azure, you should follow the recommendations made by the providers themselves in order to mitigate these attacks as much as possible:

  • Keep the operating system your applications run on properly updated.
  • Keep all applications and services updated to the latest version.
  • Make use of the main security measures of the platform, including firewall and other systems.
  • Maintain a good backup policy, so that in case of infection you can resume normal activity as soon as possible.

As you can see, the two fundamental pillars for avoiding ransomware are prevention through the main security measures, and backup copies, which are the fallback in case of disaster due to an infection.