With ransomware attacks hitting the news headlines pretty much everyday these days, I'm genuinely curious to know whether self-hosted or cloud-hosted infrastructure is more prone or more secure, or whether it makes sweet FA difference... ?
If cloud infrastructure was more secure or better protected I would expect cloud providers to be making a big song and dance about it, but they don't. Indeed, there is very scant mention in any of these headlines about the infrastructure that is affected.
Assuming one PC in one office gets infected, then (apart from bad asset and network management) how does that bring down an entire national/international business network? . Is one machine infected and doing all the encryption, or do they effectively download the data somewhere, encrypt it, then upload it back to the companies servers?
And where do these messages saying that the network has been encrypted appear? On the original infected PC, on every PC, on the CIO's i-phone ?
It's not an area I have had more than a passing interest in previously, but it does seem to have become a significant issue this past 12 months or so, with some significant (and one would hope, well protected) organisations being affected.
Can any fellow commentards enlighten me, or point to to some useful websites?