Wednesday, August 17, 2022
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory
  • Login
  • Register
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
No Result
View All Result
Cloud7 News
No Result
View All Result

Home > Opinion > Lockbit 2.0: Sign of a dangerous ransomware threat landscape for cloud service providers

Lockbit 2.0: Sign of a dangerous ransomware threat landscape for cloud service providers

The ransomware crisis keeps getting worse, with most companies and organizations experiencing a ransomware attack in 2021.


Jeff Stout Jeff Stout
December 8, 2021
4 min read
Lockbit 2.0: Sign of a dangerous ransomware threat landscape for cloud service providers

The ransomware crisis keeps getting worse, with most companies and organizations experiencing a ransomware attack in 2021. The cybersecurity situation is even more dangerous for cloud service providers, because of the number of clients they serve. If a hacker gains access to a normal corporate network, they’ve compromised one company, but if they can infiltrate a cloud service provider, they can potentially access the networks of dozens or even hundreds of companies.

This trend has been further energized by a shift in the way ransomware gangs operate. In the past, the main focus of ransomware was to shut down businesses, putting financial pressure on victims to pay the ransom. More recently, however, there has been more emphasis on stealing sensitive data and threatening to release it to the public.

Cloud service providers are prime targets for such attacks because it’s possible to collect huge amounts of data at once. Instead of breaking into a corporate network and looking for sensitive data, hackers can look at a much wider data set, searching for anything that might be harmful to companies if released to the public.

Financial data, medical and legal records, usernames and passwords, and trade secrets are all prime targets. This highlights the fact that a great deal of the increased security burden that comes with a worsening ransomware threat landscape will fall on cloud service providers.

Lockbit 2.0 attempts to corner the ransomware market

Lockbit 2.0 is a prime example of the move towards so-called “double extortion” attacks that focus on stealing data.

The ransomware market functions much like any legitimate market, with different ransomware developers competing to market their software to hackers. Developers advertise ransomware on underground hacking forums, and hackers who use it then share a percentage of their earnings with the developers.

In attempting to corner the market, Lockbit 2.0 has aggressively positioned itself with a number of features that make it faster than other ransomware variants, and also make “double extortion” easier.

As the ransomware threat grows, so too does the cybersecurity response. This is putting pressure on ransomware designers to make their software faster and more efficient. Lockbit 2.0 incorporates an encryption method that only encrypts about 4 kb of data per file— just enough to render the file unusable. The Lockbit 2.0 team claim makes it the fastest on the market.

It also includes special tools which automatically steal data as quickly as possible.

Rising danger of insider threats

As companies have increased their anti-phishing measures and tightened up cybersecurity, hackers have also been looking for new ways to infiltrate networks. Lockbit 2.0 is one of the first gangs to pursue recruiting insiders as a way to break into networks.

Almost all ransomware variants replace the desktop wallpaper of affected systems with a ransom note containing the attacker’s contact information. Lockbit 2.0 has started to add an offer to company employees— help the hackers access corporate networks in exchange for a percentage of the profits.

The message promises the opportunity to earn millions and promises to protect the anonymity of the insider. This could be a tempting opportunity for a disgruntled employee to earn multiple years worth of salary quickly and easily. It’s also yet another attack vector for employers and cybersecurity professionals to worry about.

Adapting to the changing threat landscape

So what can cloud service providers do to adjust to the new reality? Business as usual, unfortunately, is not an option. It’s not really an option to just leave security to the cybersecurity guys— everyone in an organization needs to have a basic level of cybersecurity understanding.

AWS recently released ransomware mitigation guidelines for cloud service providers. It emphasizes five main points, including:

  • Encryption. With the rising threat of data theft and extortion, it’s more important than ever to implement measures to safeguard client data and sound key management policies. Workflows should be segmented so that each process only has the minimum possible permissions required to do its jobs.
  • Make data recoverable. A secure backup policy is essential to ransomware mitigation. Being able to restore encrypted data makes it much more difficult for ransomware hackers to shut you down, which severely reduces their ability to demand a ransom.
  • Keep up to date with patches. Ransomware hackers are very quick to exploit any vulnerabilities that are leaked, so it’s important to have a regular update and patch schedule.
  • Follow a security standard. Security standards developed by industry leaders provide a convenient metric for checking if your cybersecurity is up to snuff.
  • Monitor and automate responses. The best way to stop a ransomware attack is to prevent the hacker from gaining access to your network. The next best thing is to detect if an intruder enters and stop them before they can do any damage. If unusual activity is detected, automating a shutdown of the network can limit the extent of the damage an attacker can do.

Technology has brought huge productivity gains to our lives, but it has also brought many challenges. Unfortunately, it seems that some of the gains digitization has brought us will have to be dedicated to maintaining a higher degree of vigilance in cyberspace.

Tags: BeforeCryptRansomware

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Next Post
Bitly acquired QR Code Generator

Bitly acquired QR Code Generator

Related News

1,900 Signal users' phone numbers may be exposed

1,900 Signal users’ phone numbers may be exposed

August 16, 2022 10:05 pm
10 malicious packages found on PyPI

10 malicious packages found on PyPI

August 16, 2022 9:30 pm
Cybercriminals target UK water company

Cybercriminals target UK water company

August 16, 2022 8:40 pm
Russian hackers are still focusing on Ukraine

Russian hackers are still focusing on Ukraine

August 16, 2022 7:35 pm
Get free daily newsletters from Cloud7 News Get the Cloud7 Newsletter
Select list(s):

Check your inbox or spam folder to confirm your subscription.

By subscribing, you agree to our
Copyright Policy and Privacy Policy

Get the Cloud7 Newsletter

Sign up for the Cloud7 Newsletter to receive the latest IT business updates straight to your inbox daily.

Select list(s):

Check your inbox or spam folder to confirm your subscription.

Editor's Choice

Interview with Igor Seletskiy on AlmaLinux

7 best hosting control panels

How to update Linux Kernel without rebooting?

7 best Linux mail servers for 2022

7 best cPanel alternatives for 2022

7 best Linux web browsers for 2022

7 best CentOS alternatives

7 best Linux server distros for 2022

How to scan your server for Log4j (Log4Shell) vulnerability

10 Best Web Hosting Services of 2022

AlmaLinux 8.6 Stable is ready to download

Ubuntu 22.04 LTS is available for download. What is new?

Kali Linux 2022.2 is ready for download

Recent News

  • HostBill introduces new features for domain management
  • 1,900 Signal users’ phone numbers may be exposed
  • 10 malicious packages found on PyPI
  • Cybercriminals target UK water company
  • Russian hackers are still focusing on Ukraine


Cloud7 is a news source that publishes the latest news, reviews, comparisons, opinions, and exclusive interviews to help tech users of high-experience levels in the IT industry.

EXPLORE

  • Web Hosting
  • Cloud Computing
  • Data Center
  • Cybersecurity
  • Linux
  • Network/Internet
  • Software
  • Hardware
  • How-Tos
  • Troubleshooting

RESOURCES

  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

Get the Cloud7 Newsletter

Get FREE daily newsletters from Cloud7 delivering the latest news and reviews.

  • About
  • Privacy & Policy
  • Copyright Policy
  • Contact

© 2022, Cloud7 News. All rights reserved.

No Result
View All Result
  • Cloud Computing
  • Web Hosting
  • Data Center
  • Linux
  • Cybersecurity
  • More
    • Network/Internet
    • Windows
    • Software
    • Hardware
    • Blockchain
    • Policy/Legislation
    • How-Tos
    • Troubleshooting
  • Events
  • Interviews
  • Jobs
  • Opinion
  • Whitepapers
  • Glossary
  • Community Forum
  • Web Hosting Directory

© 2022, Cloud7 News. All rights reserved.

Welcome Back!

Sign In with Facebook
Sign In with Google
Sign In with Linked In
OR

Login to your account below

Forgotten Password? Sign Up

Create New Account!

Sign Up with Facebook
Sign Up with Google
Sign Up with Linked In
OR

Fill the forms below to register

*By registering into our website, you agree to the Terms & Conditions and Privacy Policy.
All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.