CloudNordic, a leading Danish cloud hosting provider, has recently fallen victim to a highly destructive ransomware attack that security experts are describing as a “worst-case scenario” for the company.
The attack, which occurred during a data center migration, allowed threat actors to gain access to CloudNordic’s administrative systems, resulting in the complete shutdown of all systems, including its website, email services, and encrypted customer systems and websites. The attackers also managed to encrypt all servers’ disks, as well as primary and secondary backup systems.
CloudNordic has confirmed that there is no evidence to suggest that customer data has been stolen or exfiltrated by the attackers. However, the company acknowledged that the attack has severely impacted its operations and has had a significant effect on its customers.
Reports from Danish media indicate that hundreds of companies have been affected by this attack, with the majority of CloudNordic’s customers losing all of their data. In addition, CloudNordic’s sister company, AzeroCloud, has also experienced a similar ransomware attack, resulting in system outages.
Both CloudNordic and AzeroCloud are owned by Certiqa Holding, a Danish-based company that also owns the telco security provider, NetQuest.
Security experts have expressed concern over the implications of this attack on CloudNordic’s customers, stating that it is the worst-case scenario for them. Many customers rely on cloud services to handle their security and backups, and the irretrievable loss of data will have a lasting impact on their operations.
Incidents like these intensify the pressure on cloud service providers, highlighting the importance of ensuring robust security measures and backups. The circumstances surrounding this attack, occurring during a data center migration, emphasize the vulnerability of systems during periods of change.
Experts suggest that the initial breach likely occurred months ago, as such attacks require careful planning and reconnaissance. Virtual servers are often moved between hosts and data centers as part of standard practices, making it essential to have comprehensive security measures in place.
In summary, this devastating ransomware attack has left CloudNordic paralyzed, severely impacting its customers. The incident serves as a stark reminder of the importance of strong security measures and backups for cloud service providers.