The recent reports of a Cerber zero-day ransomware attack that targets Office 365 may have your organization feeling a bit fearful about your cloud deployment — or swearing off the idea of ever migrating to the cloud. After all, if you read the reports, you would think the number of Office 365 users affected by the attack, which is a variation of a Cerber attack reported in March, ranged into the millions.
That’s the security vendor FUD cycle at work.
As Microsoft MVP and well-known journalist Tony Redmond put it, “a fair amount of hyperbole and erroneous detail” was presented in vendor reports on the attack. Yes, you should be concerned about this latest ransomware attack, which uses a malicious attachment to play a creepy message asking for $500 in bitcoins in ransom per system. But the scope and duration of the attack was misrepresented from what I discovered by looking into the matter.