On April 27th, one of Switzerland’s largest cloud hosting providers, Swiss Cloud, suffered a ransomware attack affecting around 6,500 customers. Currently, the organization is working around the clock to restore operations as early as this week. It has brought in HP Enterprise and Microsoft resources to assist in the recovery process. One of the customers most affected by the downtime was Sage, a Human Resources platform for German-speaking countries in the region.
While it is uncommon to see large cloud providers affected by ransomware at such a scale seen with Swiss Cloud, when they are affected, cloud providers often are hit with the most significant ransom demands. The threat actors behind ransomware know that when a company’s main revenue stream is at stake, the company is more likely to pay a high price to restore operations as quickly as possible. Developing playbooks for when critical applications are down can help prepare teams to respond in cases like this when providers are dealing with downtime.