Ransomware in the cloud: Detecting attacks

According to Yahoo! Finance, around 65,000 ransomware attacks are expected this year in the US alone. It doesn't seem to matter what region, country or industry it happens in. Security vendor Vectra provided me with some thoughts on how to spot ransomware and attackers in the cloud.


It seems difficult to stop ransomware attacks. This is because cybercriminals have proven in the past that they will launch ransomware attacks on any company from which they can extort money or steal something of value. Does this mean that it is only a matter of time before a company finds itself in the predicament of either paying a large ransom or parting with important assets and data?

Vectra calls for new mindset

Combating ransomware requires a new mindset, as Hitesh Sheth, CEO of Vectra, makes clear. These attacks cannot be prevented with many of the current security strategies that companies employ. However, it is possible to detect if something unusual is happening in the IT environment, says Vectra's CEO. If the attacker is detected, the security team can contain dangerous events such as ransomware attacks.

The Vectra Spotlight report "Vision and Visibility: Top 10 Threat Detections for Microsoft Azure AD and Office 365" shows how such detections can inform the security team about behavior in the IT environment. Vectra went a step further in the report by breaking down the findings by industry. The goal was to provide both an overview of cloud security issues in specific industries and a view of how detections can be mapped to attacker behavior, such as ransomware or supply chain attacks.

This starts with collecting the right data and threat-driven artificial intelligence (AI). This makes it possible to determine the details of attacks and focus on threats that need to be stopped. The following industry insights are all based on real, anonymized customer data. They are the clues that organizations receive to detect attacks via Office 365 and Azure AD. Here Vectra describes, for four key industries, how to detect attacks.
