Ransomware in the Cloud

Most of us are aware of various cyber fraud threats including the increasing proliferation of ransomware software. The U. S. Department of Justice estimates there are 4000 successful ransomware attacks every day. I am sure most readers are using anti-virus and anti-malware software that includes some ransomware protection for their systems. What surprises me is the increasing amount of information that businesses, not-for-profits, and even individuals store on the cloud without considering the risks to their data. Many cloud users are not aware that ransomware can infect files stored on a cloud server.

Ransomware is getting easier to obtain and use. EMSISOFT[1] published an article giving step by step instructions on how criminals can organize a ransomware start-up company. Ransom32 is a user friendly ransomware program. Simply use your TOR network to login and provide a BitCoin address for the ransom funds to be deposited into. You can even customize the ransomware to determine how many BitCoins to charge, how long of a latent timeout is provided, etc. The control panel allows you to track how many systems you have infected, how many screens are currently locked, how many victims have paid, and the total BitCoins you have received from the victims.

Some ransomware specifically targets cloud based systems. For example, RANSOM_CERBER.CAD specifically targets files in Microsoft 365 and “cuteRansomware” targets Google Apps. There are also ransomware programs that can be shared through DropBox, Google Drive, OneDrive, and other file sharing services. Virlock ransomware is a common malware program that can spread on cloud services. One estimate indicated that 10% of cloud users currently have malware on their cloud based files[2].

In many cases the cybersecurity for cloud based applications is better than the cybersecurity for most individuals and small businesses but you need to protect yourself. Make sure you ask for a Service Organization Controls Report (SOC 3) from your provider to validate that their internal controls have been audited. Also, keep a local, offline backup of your data so that if you do become a victim of ransomware you still have most of your data, depending on how long it’s been since your last backup.

[1] http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/?ref=ticker160111&utm_source=newsletter&utm_medium=newsletter&utm_content=mainnews&utm_campaign=ticker160111

[2] http://www.csoonline.com/article/3117751/cloud-computing/ransomware-prevalent-in-cloud-based-malware.html

About Dr.Bob

Dr. Minniti is the President and Owner of Minniti CPA, LLC. Dr. Minniti is a Certified Public Accountant, Certified Forensic Accountant, Certified Fraud Examiner, Certified Valuation Analyst, Certified in Financial Forensics, Master Analyst in Financial Forensics, Chartered Global Management Accountant, and is a licensed private investigator in the state of Arizona. Dr. Minniti received his doctoral degree in business administration from Walden University, received his MBA degree and Graduate Certificate in Accounting from DeVry University’s Keller Graduate School of Management, and received his Bachelor of Science in Business Administration degree from the University of Phoenix. Dr. Minniti teaches graduate and undergraduate courses in accounting, fraud examination, fraud criminology, ethics, forensic accounting, external audit, and internal audit, at DeVry University, Grand Canyon University, Northwestern University, and the University of Phoenix. He designed graduate and undergraduate courses for Grand Canyon University, Northwestern University, and Anthem College. He is a writer and public speaker. He has experience in forensic accounting, fraud examinations, financial audits, internal audits, compliance audits, real estate valuations, business valuations, internal control development, business continuation planning, risk management, financial forecasting, and Sarbanes-Oxley compliance work. Dr. Minniti is an instructor teaching continuing professional education classes for the American Institute of Certified Public Accountants, Compliance Online, CPE Link. AccountingEd, Global Compliance Panel, Clear Law Institute and various state CPA Societies.

Leave a Reply

Your email address will not be published. Required fields are marked *