Is your organization prepared for ransomware strikes in Azure storage?
The cloud landscape is witnessing an unprecedented surge in highly sophisticated attacks, with threat actors transcending traditional exploits like crypto mining and data exfiltration. Instead, they are delving deeper into cloud infrastructure, executing intricate maneuvers such as lateral movement, orchestrating supply chain attacks and deploying ransomware on cloud data. In this ever-evolving realm of cloud security, a recent revelation from Sophos X-Ops highlights the exceptional proficiency of the BlackCat/ALPHV ransomware group in exploiting the cloud to their advantage.
Their latest endeavor involves the deployment of a new Sphinx encryptor variant, strategically targeting Azure storage accounts. What sets this apart is their covert approach, gaining unauthorized access to a victim’s Azure resources and extracting Azure storage account keys, thereby assuming control over the data stored within those accounts. It is worth noting that this same group previously made headlines for their audacious infiltration of MGM’s infrastructure, where they boldly claimed to have encrypted over 100 ESXi hypervisors.
The distinction between typical ransomware used in on-premises systems and cloud ransomware targeting Azure resources lies in their effects and methods of operation. Cloud ransomware operates in a cloud-based environment, potentially affecting critical cloud resources, including VMs, databases, and storage. Moreover, it leverages cloud-specific attack vectors such as exploiting misconfigurations, lateral movement within cloud networks and abuse of cloud services.
As organizations increasingly embrace cloud services like Azure, it becomes imperative to proactively fortify themselves against cloud-based threats, including ransomware attacks. In this rapidly evolving threat landscape, companies must develop robust defense strategies to secure their cloud resources effectively.
To protect against ransomware attacks in Azure Storage accounts, you can adopt proactive strategies, including:
Network Access Control: Manage and restrict network access to your storage account, which can involve integrating it into a dedicated Virtual Network or implementing Firewall Rules to grant access solely to specific IP addresses.
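The following added example, which is not part of the original article, checks exported storage account settings against the network access control guidance above. The sample accounts are constructed, the field names assume the JSON shape printed by `az storage account list`, and the /24 breadth threshold is an illustrative assumption.

```python
import ipaddress

MIN_PREFIX = 24  # assumption: IPv4 ranges wider than /24 are treated as too broad

# Constructed sample data; field names assume `az storage account list` JSON output.
SAMPLE_ACCOUNTS = [
    {"name": "stopen", "networkRuleSet": {"defaultAction": "Allow",
        "ipRules": [{"ipAddressOrRange": "203.0.113.10"}], "virtualNetworkRules": []}},
    {"name": "stbroad", "networkRuleSet": {"defaultAction": "Deny",
        "ipRules": [{"ipAddressOrRange": "198.51.0.0/16"}], "virtualNetworkRules": []}},
    {"name": "stlocked", "networkRuleSet": {"defaultAction": "Deny",
        "ipRules": [{"ipAddressOrRange": "203.0.113.10"}],
        # placeholder value, not a real resource id
        "virtualNetworkRules": [{"virtualNetworkResourceId": "<subnet-resource-id>"}]}},
]


def audit_account(account, min_prefix=MIN_PREFIX):
    """Return a list of findings for one storage account's network rules."""
    rules = account.get("networkRuleSet") or {}
    findings = []
    if rules.get("defaultAction") != "Deny":
        findings.append("default action is not Deny: reachable from any network")
        if rules.get("ipRules") or rules.get("virtualNetworkRules"):
            findings.append("allow rules are defined but have no effect until default action is Deny")
    for rule in rules.get("ipRules") or []:
        value = rule.get("ipAddressOrRange", "")
        try:
            net = ipaddress.ip_network(value, strict=False)
        except ValueError:
            findings.append(f"unparseable IP rule: {value!r}")
            continue
        if net.prefixlen < min_prefix:
            findings.append(f"IP rule {value} is broader than /{min_prefix}")
    return findings


def audit(accounts):
    """Map account name -> findings, keeping only accounts that have findings."""
    report = {a["name"]: audit_account(a) for a in accounts}
    return {name: f for name, f in report.items() if f}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_ACCOUNTS).items():
        print(name, findings)
```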
To read the complete article, visit IoT World Today.