CloudNordic Ransomware Attack: Customers Lose All Data
Introduction
Cloud server CloudNordic recently experienced a devastating ransomware attack on their data center systems, resulting in the loss of all customer data, including backups. This Denmark-based cloud company revealed that cybercriminals encrypted their website, email, and customer systems and websites, leaving them with no access to any data. In this article, we will dive into the details of the attack, explore the impact on CloudNordic and its customers, and discuss the measures being taken to rebuild their systems.
The Ransomware Attack on CloudNordic
The ransomware attack on CloudNordic started on Friday and quickly escalated, leaving the company’s systems completely shut down. The attackers gained access to the company’s administrative and backup systems, encrypting all server disks and rendering the machines inoperable. As a result, the majority of customer data was irretrievably lost. Although there is no evidence that customer data was copied or extracted, this is a common tactic employed by ransomware and extortion groups.
Impact on CloudNordic and Customers
CloudNordic’s customers were heavily impacted by the ransomware attack, as they lost all the data they had stored on the cloud server. This loss has severe consequences for businesses that relied on CloudNordic’s services to store critical information. The translated statement on CloudNordic’s website highlights the unfortunate reality that most customers have lost all their data, making data recovery impossible.
Fortunately, there is no evidence to suggest that the attackers copied or extracted customer data during the attack. However, the extent of the damage caused by the encryption of server disks and backup systems cannot be underestimated.
The Attack Strategy and Unfortunate Circumstances
The exact origin of the ransomware attack remains unclear, but CloudNordic suspects that infected systems were moved from one data center to another without prior detection. Unfortunately, the destination data center was wired to access the company’s internal network, allowing the attackers to gain control of the central administration and backup systems. This unsuspected infection led to the encryption of drives and the ultimate loss of all data.
Rebuilding Email and Web Systems
Despite the catastrophic loss of data, both CloudNordic and Azero, another affected company owned by Certiqa Holding, are committed to rebuilding customers’ email and web systems from scratch. However, it is important to note that this reconstruction process does not entail data recovery. Customers will have to start from scratch, reuploading their information and rebuilding their systems.
The Efforts to Communicate and Difficulties Encountered
CloudNordic faced significant difficulties in communicating with its customers and the general public following the ransomware attack. Their website notice mentioned the challenges they experienced in reaching out to stakeholders. Furthermore, an email sent to CloudNordic returned with an error message, indicating the company’s struggles with effective communication in the aftermath of the attack. These communication challenges further exacerbate the impact of the attack on customers who may seek clarity and updates regarding their data and services.
Azero Cloud and Certiqa Holding
Azero, another company owned by Certiqa Holding, also suffered from the same ransomware attack. CloudNordic is not alone in its hardship, as both companies share the burden of rebuilding systems without the possibility of data recovery. Certiqa Holding, the parent company, also owns Netquest, a provider of threat intelligence to telecommunications companies and governments.
No Public Claim of Responsibility
As of now, no ransomware group has publicly acknowledged or taken credit for the cyberattack on CloudNordic and Azero. This lack of claim makes it challenging to identify the motives and intentions behind the attack. However, it is clear that the consequences of the attack have been severe.
Contributing Factors and Lessons Learned
The ransomware attack on CloudNordic highlights the importance of robust cybersecurity measures, including regular vulnerability assessments, backups stored in secure locations, and meticulous control over system migrations. Moving infected systems between data centers, as in this case, can potentially expose sensitive networks to attacks.
Furthermore, the incident underscores the significance of proactive communication during and after a cyberattack. Effective communication helps manage customer expectations, provide timely updates, and rebuild trust with affected stakeholders. Companies should prioritize establishing secure channels of communication to keep customers informed and address their concerns promptly.
Conclusion
The ransomware attack on CloudNordic was a devastating blow to both the company and its customers. The loss of all customer data severely impacts businesses that relied on CloudNordic’s services for secure storage and data management. The exact origins of the attack remain unknown, but the consequences and challenges faced by CloudNordic and its associated company, Azero, are evident. Rebuilding email and web systems from scratch is an arduous process that customers must undergo without the possibility of data recovery. This incident serves as a stark reminder of the importance of robust cybersecurity measures, proactive communication, and secure infrastructure in safeguarding sensitive data and mitigating the impact of cyberattacks.
Summary
CloudNordic, a Denmark-based cloud server, has recently suffered a ransomware attack that resulted in the loss of all customer data, including backups. The attackers encrypted the company’s website, email, and customer systems and websites, rendering them inaccessible. Despite no evidence of data extraction, the encryption of server disks and backup systems has left the majority of customer data irretrievable.
The attack was likely exacerbated by the movement of infected systems between data centers, unknowingly granting the attackers access to CloudNordic’s internal network. The company has faced communication difficulties, making it challenging to keep customers informed or retrieve lost data. Azero, another company owned by Certiqa Holding, faced a similar attack.
CloudNordic and Azero are now focusing on rebuilding customers’ email and web systems from scratch, but data recovery is not possible. This incident highlights the need for robust cybersecurity measures, such as regular vulnerability assessments and secure backups. Effective communication during and after a cyberattack is also crucial to managing customer expectations and rebuilding trust.
—————————————————-
| Article | Link |
|---|---|
| UK Artful Impressions | Premiere Etsy Store |
| Sponsored Content | View |
| 90’s Rock Band Review | View |
| Ted Lasso’s MacBook Guide | View |
| Nature’s Secret to More Energy | View |
| Ancient Recipe for Weight Loss | View |
| MacBook Air i3 vs i5 | View |
| You Need a VPN in 2023 – Liberty Shield | View |
Cloud server CloudNordic says most of its customers have “lost all the data we had” following a ransomware attack on their data center systems, including their backups.
The Denmark-based cloud company said the ransomware attack began on Friday, during which the cybercriminals “shut down all systems,” including its website and email, and encrypted customer systems and websites.
In a notice on his website translated In Danish, CloudNordic said: “The attackers managed to encrypt all the server disks, as well as the primary and secondary backup system, so all machines failed and we lost access to all data.”
CloudNordic said that while customer data was encrypted in the attack, there was no evidence that customer data was copied or extracted from its systems, as is the case. a common tactic for ransomware and extortion groups. The company said it had no money to pay the hackers’ unspecified ransom in any case, nor would it pay.
The cloud server said it believes the hackers had access to the company’s administrative systems “from where they could encrypt entire drives.”
“Unfortunately, it has proven impossible to restore any more data and therefore most of our customers have lost all the data we had,” the translated statement on its website reads.
It’s unclear how the ransomware attack started, but the company said the attack occurred, or was at least exacerbated, by moving infected systems from one data center to another data center that “unfortunately was wired to access our internal network.” which is used to manage all the data”. of our servers. CloudNordic said it was “unaware that there was an infection.”
“Through the internal network, the attackers gained access to the central administration systems and backup systems.”
As of this writing, no ransomware group appears to publicly acknowledge or take credit for the cyberattack.
Azero customers are also affected, according to an identical notice on your website. CloudNordic and Azero are owned by companies registered in Denmark Certiqa Holdingwhich also owns Netquest, a provider of threat intelligence to telecommunications companies and governments.
Both CloudNordic and Azero said they were working to rebuild customers’ email and web systems from scratch, albeit without their data.
CloudNordic could not be reached for comment. The notice on their website said the company was having difficulty communicating. An email with questions about the incident was returned with an error message saying the message could not be delivered.
Do you know more about the CloudNordic and Azero ransomware attack? You can also contact Zack Whittaker at Signal at +1 646-755-8849 or zack.whittaker@techcrunch.com. You can also share files and documents with TechCrunch through our SecureDrop.
Danish cloud host says customers ‘lost all data’ after ransomware attack
—————————————————-