Snyk Chief Architect Josh Stella Explains Why Attackers Aren’t Targeting Cloud Environments With Ransomware and What They Are Doing Instead
-In a brief video explainer and commentary, Josh Stella, chief architect at Snyk and founding CTO of Fugue, a cloud security and compliance SaaS company, talks to business and security leaders about why the cloud is generally spared from ransomware and examines the top threat to their cloud environments.
Ransomware made news headlines worldwide earlier this month after a successful attack against one of Toyota Motor Corp.’s parts suppliers forced the automaker to shut down 14 factories in Japan for a day, halting their combined output of around 13,000 vehicles.
That attack was the latest example of the threat ransomware poses to all industries. The most recent edition of SonicWall’s annual threat report states that the volume of ransomware attacks in 2021 has risen 231.7% since 2019. And an advisory jointly issued by the Cybersecurity and Infrastructure Security Agency (CISA), the FBI, and the NSA reveals the latest trend is ransomware as a service — gangs of bad actors essentially “franchising” their ransomware tools and techniques to less organized or less skilled hackers.
Also Read: PuzzleHR Announces the Launch of Direct Connect Mobile App
Clearly, protecting against ransomware attacks must be part of your organization’s holistic cybersecurity strategy — if you’re still operating data center infrastructure and not cloud infrastructure. Hardening data centers and endpoints to protect against ransomware attacks is mandatory, but cloud infrastructure faces a different kind of threat. And if your organization is all in on cloud, ransomware is less of a worry.
What Is Ransomware?
Don’t confuse a ransomware attack with a data breach, which involves stolen data. The purpose of ransomware is not to steal your data (although that can also occur during a ransomware attack) but rather to take control of the systems that house or encrypt your data and prevent you from accessing it — until you pay the ransom. This can have a devastating impact on an organization by effectively shutting down operations until access to the data is restored.
While ransomware is a major cybersecurity threat, we’re simply not seeing ransomware attacks executed against cloud environments. The reason for this involves fundamental differences between cloud infrastructure and data center infrastructure.
A New Threat Landscape
Your cloud environment is not simply a remote replica of your onsite data center and IT systems. Cloud computing is 100% software driven by application programming interfaces (APIs) — the software “middlemen” that allow different applications to interact with each other. The control plane is the API surface that configures and operates the cloud.
About Fugue
Fugue (part of Snyk) is a cloud security and compliance SaaS company enabling regulated companies such as AT&T, Red Ventures, and SAP NS2 to ensure continuous cloud security and earn the confidence and trust of customers