Cloud hosting firms CloudNordic and Azero, both owned by Certiqa Holding, have fallen victim to a devastating ransomware attack. The attack resulted in the theft of most of their customer data and rendered their systems and servers inaccessible. The attack occurred during a server transfer between data centers, with some machines becoming infected before the move. The attackers gained access to the companies’ central administration and backup systems, encrypting all stored data and backups. While no evidence of data access has been found so far, the investigation is ongoing. The firms have restored some systems, but all data on them has been wiped. They have reported the attack to the authorities and do not plan to pay the ransom. The impact is significant, as several hundred Danish companies have been affected and are unable to access their data. These attacks on hosting and cloud service providers highlight the ongoing threat of ransomware in the digital landscape.
Cloud hosting firms hit by devastating ransomware attack
CloudNordic and Azero, two Danish cloud hosting firms owned by Certiqa Holding, have recently experienced a devastating ransomware attack. As a result of the attack, a large amount of customer data was stolen, and both companies’ systems and servers were rendered inaccessible. The attack took place during a server transfer, leading the companies to believe that the attackers took advantage of the situation to gain access to their systems. Despite taking precautions such as firewall and antivirus protection, some machines were infected before the transfer, enabling the attackers to infiltrate the internal network used to manage all of the servers.
The attackers were able to access the central administration and backup systems of CloudNordic and Azero, encrypting all stored data and wiping out primary and secondary backups. Although there is currently no evidence of the attackers accessing sensitive information before encrypting it, an investigation is ongoing to determine if any data was exfiltrated. The companies have managed to restore some systems, such as name, web, and email servers, with the help of their IT teams and external experts. However, all data on these systems has been wiped.
In response to the ransomware attack, CloudNordic and Azero have stated that they refuse to pay the ransom demanded by the attackers. They have reported the attack to the Danish police and relevant authorities, taking the necessary steps to address the incident. Unfortunately, several hundred Danish companies have been affected by this attack, with their data becoming inaccessible. The companies have provided their customers with information on how to get their mail and websites working again, but the future of both CloudNordic and Azero is uncertain in the face of this attack.
Hosted services under frequent ransomware attacks
Ransomware attacks have become a common occurrence in the internet and hosting industry, affecting various hosting providers and internet service companies. In recent years, several prominent companies in the industry have fallen victim to ransomware attacks, causing significant disruptions and loss of data. In 2017, web hosting provider Nayana suffered a ransomware attack that impacted more than 150 servers and resulted in the encryption of customer data. In the same year, managed hosting provider Rackspace also experienced a ransomware attack that affected some of its customers. Other notable victims include web hosting companies Opus Interactive and Managed.com, as well as information technology services and consulting company Cognizant.
These attacks highlight the vulnerability of the hosting industry to ransomware threats. Hosting providers, which often store and manage critical customer data, are prime targets for attackers looking to exploit vulnerabilities and extort organizations for financial gain. The consequences of such attacks can be severe, causing reputational damage, financial losses, and disruptions to business operations. As a result, hosting providers must prioritize robust security measures to protect against ransomware attacks, including regular backups, strong network security, and employee education on cybersecurity best practices.
Impact of ransomware attack on hosting providers
The impact of a ransomware attack on a hosting provider can be significant and far-reaching. In the case of CloudNordic and Azero, the attack resulted in the theft of customer data and the inaccessibility of systems and servers. This means that affected companies cannot access their data, leading to disruptions in business operations and potentially severe financial consequences. The loss of trust from customers and the accompanying reputational damage can also have long-term implications for the affected hosting providers.
Furthermore, the decision by CloudNordic and Azero not to pay the ransom illustrates the difficult choices that hosting providers face in the aftermath of such attacks. While paying the ransom may seem like a quick solution to regain access to encrypted data, it encourages attackers to continue their malicious activities. By refusing to pay, these hosting providers are taking a stand against ransomware attacks and sending a message that they will not tolerate such extortion tactics.
The swift response of CloudNordic and Azero in reporting the attack to the Danish police and relevant authorities is commendable. This kind of collaboration between private companies and law enforcement agencies is essential in combating cybercrime and bringing perpetrators to justice. Additionally, the companies’ efforts to restore some systems, despite the loss of data, demonstrate their commitment to minimizing the impact of the attack on their customers.
In conclusion, the ransomware attack on CloudNordic and Azero serves as a stark reminder of the ongoing threat faced by hosting providers in the digital age. The attack highlights the need for robust security measures and proactive cybersecurity strategies to protect against ransomware threats. As the hosting industry continues to evolve and expand, organizations must prioritize the safety and security of their systems and customer data. By learning from past incidents and implementing comprehensive security protocols, hosting providers can mitigate the risk of future ransomware attacks and safeguard their customers’ data.
