Carding
Professional
- Messages
- 2,870
- Reaction score
- 2,511
- Points
- 113
Fighting digital crime doesn't always end in a happy ending.
Danish cloud provider CloudNordic recently experienced a major cyber incident. The company admitted that it was the victim of a ransomware attack that "completely paralyzed CloudNordic." As a result, most clients lost data that was stored on the servers.
It all happened on August 18. The attack destroyed both the company's own systems and users ' resources, including their websites and mailboxes. The team is trying to restore the information, but, as experts admit, the prospects are disappointing.
"We do not have the ability and do not want to satisfy the financial interests of cybercriminals" — this is how CloudNordic reacted to the hackers ' ransom demand.
Management explicitly stated that most of the information could not be recovered: both corporate and client information. The only point that can be considered as a small consolation: analysts did not find signs of unauthorized access to the storage facilities before they were blocked. This means that the information was encrypted, but the attackers decided not to copy it. "We have not found any evidence of a leak," the representatives explained.
According to the investigation, the ransomware infection occurred when the company moved its servers from one data center to another. Servers that were previously distributed over different networks were connected to the same CloudNordic internal system. Hackers took advantage of the opportunity to seize key resources: management mechanisms, databases, and even backups.
CloudNordic is ready to restore web resources and mail servers of users, but without saved data and DNS. To do this, clients are asked to send an email to their work email address with the word RESTORE in the subject line and contact details in the body. However, it is obvious that even without additional information, the process will take "a huge amount of time". In this regard, CloudNordic recommends that some people look for alternative providers.
Danish cloud provider CloudNordic recently experienced a major cyber incident. The company admitted that it was the victim of a ransomware attack that "completely paralyzed CloudNordic." As a result, most clients lost data that was stored on the servers.
It all happened on August 18. The attack destroyed both the company's own systems and users ' resources, including their websites and mailboxes. The team is trying to restore the information, but, as experts admit, the prospects are disappointing.
"We do not have the ability and do not want to satisfy the financial interests of cybercriminals" — this is how CloudNordic reacted to the hackers ' ransom demand.
Management explicitly stated that most of the information could not be recovered: both corporate and client information. The only point that can be considered as a small consolation: analysts did not find signs of unauthorized access to the storage facilities before they were blocked. This means that the information was encrypted, but the attackers decided not to copy it. "We have not found any evidence of a leak," the representatives explained.
According to the investigation, the ransomware infection occurred when the company moved its servers from one data center to another. Servers that were previously distributed over different networks were connected to the same CloudNordic internal system. Hackers took advantage of the opportunity to seize key resources: management mechanisms, databases, and even backups.
CloudNordic is ready to restore web resources and mail servers of users, but without saved data and DNS. To do this, clients are asked to send an email to their work email address with the word RESTORE in the subject line and contact details in the body. However, it is obvious that even without additional information, the process will take "a huge amount of time". In this regard, CloudNordic recommends that some people look for alternative providers.
