Security News > 2021 > December > Convergence Ahoy: Get Ready for Cloud-Based Ransomware
Oliver Tavakoli, CTO at Vectra AI, takes us inside the coming nexus of ransomware, supply-chain attacks and cloud deployments.
Why are ransomware and the supply chain coming together? Historically, what started out as nation-state techniques make their way into pen-testing and red teaming tools and eventually become commoditized in attacks undertaken by hackers seeking profit.
There's no reason to think the same won't happen in this case; thus, it is useful to consider tools and techniques employed in supply-chain attacks as a harbinger of what is to come to ransomware attacks.
Many nation-state attacks involve cloud components - they often mix and match traditional on-prem steps in an attack with steps taken in the cloud.
As almost every piece of data of value moves to the cloud, either into SaaS applications or into public-cloud stacks, attackers will undoubtedly follow to the cloud as the pickings for on-premise attacks become slim.
Cloud systems come with incredibly powerful APIs - particularly for privileged credentials - which enable attackers to rapidly progress to their ultimate goal.
News URL
https://threatpost.com/cloud-ransomware-convergence/177112/
Related news
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud (source)
- Embargo ransomware escalates attacks to cloud environments (source)
- Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts (source)
- IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools (source)