A Switzerland-based cloud hosting provider Swiss Cloud has reported a ransomware attack that shut down the company’s server infrastructure.
According to Swiss Cloud’s status page, the attack took place on Tuesday, April 27.
Swiss Cloud is one of Switzerland’s largest hosting providers offering self-service and scalable cloud services billed by the minute of use.
In an update on Friday posted on its website [PDF], the company was working to restore its servers from backups. The process is expected to take at least a few days. Experts from HPE and Microsoft are also helping with the process, the company said.
It is currently unknown who was behind the attack on Swiss Cloud and what ransom the attacker demanded.
While the attack hit several data centers across Switzerland but did not impact the company’s entire server infrastructure, it caused disruption to more than 6,500 customers and made servers unavailable.
One of the customers impacted by the attack on Swiss Cloud was Sage, a payroll and HR software company serving German-speaking countries.
The company may be optimistic about the quick restoration of its systems, similar ransomware attacks on cloud and web hosting providers in the past caused outages that lasted weeks, not days. Just to name a few, previous victims included Managed.com, Equinix, X-Cart, A2 Hosting, CyrusOne, Cognizant, SmarterASP.NET, Dataresolution.net, iNSYNQ, and Internet Nayana.
Nevertheless, in an update on Monday, published on the website, the company said:
“The work to clean up the cyberattack, in which the servers of swiss cloud computing ag were attacked on April 27, is progressing. The first services are online again and the company is assuming that all services can be used again on Wednesday, May 5th.”
Ransom demands for web hosting and cloud providers are usually some of the largest. This is because the downtime such attacks cause affect a big number of their customers and their businesses. To avoid that, companies often comply with ransom demand even if they have backups.
