n the last decade, the global tech landscape has developed at lightning speed, and many of us are struggling to keep up. Most of us have got to grips with the basics — Facebook, Slack, Zoom — but terms like ‘the cloud’ are harder to understand.
Far from a niche area of tech, the cloud is becoming a crucial tool for businesses, often with unwanted implications.
Every day, organisations looking to modernise their data practice are moving to cloud hosting and Software-as-a-Service (SaaS) based products. For those not well-versed: traditionally, a website would be hosted on a single server, usually in a data centre. Cloud hosting, on the other hand, sees a company’s data distributed across different servers, usually in different places, which are all connected to form a network. This network is called the cloud.
Many companies migrate to these systems as they’re easy to manage and can integrate with other complementary products across an organisation, whilst also receiving updates for the software in real-time.
Across any given industry there are a small set of market leaders who provide the software, and the largest organisations in the world will naturally prefer to use these top solutions. They are easy to trust, have strong industry presence, and justification for procuring them is smooth for internal budget holders and external shareholders.
What we don’t always think about are the macro-implications: now we have a large number of organisations who are heavily reliant on a single organisation to provide a common product.
Take a look at any accounting software used across major companies. If it’s managed by a cloud-based third-party on behalf of the company, then a single attack to that software provider would not only impact the accounting system of the individual company, but others who use that same product.
Global industries putting all their software eggs in one vendor’s basket is a very attractive proposition for an attacker: a single attack can scale across many different companies.
In the case of Ransomware, attackers have asked themselves the following economic question: why spend time managing and attacking 100 firms individually, receiving only a small amount of capital from each of them, when I can look to the biggest business-to-business software providers in an industry and target those, charging a huge amount to restore their systems so they can continue to deliver services to their clients?