On 1 May, the web hosting provider Swiss Cloud Computing informed that it had been the victim of a ransomware attack. The incident began on 27 April and had a serious impact on the company's server infrastructure. As the company announced in an official statement on Monday, functionality is not yet at normal operating levels.
What are the risks to my business from the attack on Swiss Cloud?
One of the most prominent customers affected by the Swiss Cloud outage is Sage, a company that provides payroll and HR software for German-speaking countries. Swiss Cloud said that the individual services are now being brought back into operation step by step. There are still no indications that customer data has been leaked.
On the risks of attacks on cloud services in general
Cloud services - which many customers access in real time to store, retrieve or manage data - are particularly lucrative targets for attackers. The encryption of their infrastructure has a direct impact on customers, which increases the pressure to quickly restore operational services. When attacking your own cloud service, you should be aware of the risks:
- Potential theft of data from the cloud.
- Disruption of service.
- Loss of cloud-based backups.
What can I do?
If you are a Swiss Cloud or Sage customer, we recommend that you track updates on their websites. Swiss Cloud will provide the next update by May 6.
We also recommend that you also store your backup data on a separate, external drive, not just in the cloud. At the moment, there is no indication that customer data has been compromised. If the situation changes, Swiss Cloud will issue a new Mitigation Advisory (a format e.g. blog post or document where vendors/security researchers provide/publish information on how to fix an issue) and inform affected customers.