I don't have any inside knowledge but it strikes me that all these ransomware attacks on various health (and fuel line) systems around the world have a common denominator that's never ever mentioned: Microsoft Windows. If people (especially running critical infrastructure) didn't use it... I'm confident we wouldn't have ransomware attacks.
@lightweight Even with all the bad incentives and their influence on big corporate systems... the cloud isn't being overrun with ransomware yet? And from what I've seen, "the cloud" is largely Ubuntu, RHEL, and their variants, and containers built on "bases" from their packages.
@unlofl yes, an interesting observation. :) I'd say it's not because those systems wouldn't be valuable targets. I'd say it's a combination better security models, better code, better sysadmins, and less disdain for #FOSS than for US multinational products that powerful but technologically clueless people run.
@lightweight And I think even if some ops teams are bad, the whole IaaS model protects it too. Hard for ransomware to be effective when a cloud platform controls the backups/snapshots and your average sysadmin can't screw it up if they try.
Still waiting for the inevitable first time an entire datacenter is held hostage though.
@unlofl In my experience, many of these institutional IT systems (in addition to naive users and MS Windows) also have woeful sysadmins.
@unlofl yup, could happen. Ultimately, though, I think the major vulnerabilities are due to a very simple combo: (painfully) naive users and MS Windows. That's why we're in a digital dark age (https://davelane.nz/darkage).