Swiss Cloud, a Switzerland-based cloud hosting provider, has suffered this week a ransomware attack that brought the company’s server infrastructure to its knees.
The incident took place on Tuesday, April 27, according to Swiss Cloud’s status page.
The process is expected to take at least a few days. Swiss Cloud said its staff is working in 24-hour shifts, including over the weekend, to restore services as early as next week.
Experts from HPE and Microsoft are also helping with the process, the company said.
It is currently unknown which ransomware gang targeted Swiss Cloud and what’s the size of their ransom demand. A Swiss Cloud spokesperson did not return a request for comment.
More than 6,500 customers affected
While the incident did not impact the company’s entire server infrastructure—spread among different data centers across Switzerland—the disruption has impacted server availability for more than 6,500 customers.
One of the most high-profile customers impacted by Swiss Cloud’s outage is Sage, a company that provides payroll and HR software for German-speaking countries.
However, while the company might be optimistic about the timeline of its recovery plan, similar ransomware attacks have also taken place at other cloud and web hosting providers over the past few years. In most cases, recovery efforts lasted weeks, not days.
Web hosting and cloud infrastructure providers are not common targets of ransomware groups, but once they’re breached, they usually face some of the largest ransom demands.
This is because even the smallest downtime they suffer trickles down to all their customers, and providers face immense pressure to restore services from all sides. This pressure is also why some companies choose to pay the ransom demand even if they have backups.