Cybersecurity Strategies for Preventing Ransomware Attacks in Cloud-Based Applications
DOI:
https://doi.org/10.33050/corisinta.v2i2.77Keywords:
Cloud Security, Ransomware Prevention, Cybersecurity Strategies, Data Encryption in Cloud, Threat Detection and MitigationAbstract
Ransomware attacks have become a significant threat to cloud-based applications, posing severe risks to organizations' data integrity, financial stability, and operational continuity. This paper explores the challenges of securing cloud environments against ransomware, focusing on vulnerabilities such as inadequate encryption, weak access controls, and multi-tenancy risks. Through an in-depth analysis, the paper identifies the most common types of ransomware targeting cloud applications, including file encryption and data exfiltration ransomware, and discusses the security weaknesses that facilitate these attacks. The paper further evaluates existing cybersecurity strategies, such as data encryption, multi-factor authentication (MFA), and continuous monitoring, highlighting their effectiveness in preventing ransomware attacks. Based on these findings, a comprehensive framework is proposed, combining technical solutions like strong encryption and AI-based threat detection with organizational practices such as regular employee training and backup solutions. The study also emphasizes the importance of collaboration between cloud service providers and organizations to enhance overall cloud security. By adopting a multi-layered approach and integrating emerging technologies, organizations can significantly improve their resilience against ransomware threats. This research contributes to the ongoing dialogue on cloud security by providing actionable recommendations for preventing ransomware attacks and safeguarding cloud-based applications from evolving cyber threats.
References
J. Lee, “A machine learning-based ransomware detection method for cloud file systems,” Sensors, vol. 25,
no. 8, pp. 2406–2422, 2025, pMID: < omitted >.
M. A. Azad et al., “Zero trust architecture (zta): A comprehensive survey,” IEEE Access, vol. 10, pp.
143–57 179, 2022.
X. Cen et al., “Ransomware early detection: A survey,” Journal of Network and Computer Applications,
vol. 202, pp. 103 345–103 360, 2024.
Q. Aini, I. Sembiring, A. Setiawan, I. Setiawan, and U. Rahardja, “Perceived accuracy and user behavior:
Exploring the impact of ai-based air quality detection application (aiku),” Indonesian Journal of Applied
Research (IJAR), vol. 4, no. 3, pp. 209–224, 2023.
A. Bensaoud et al., “A survey of malware detection using deep learning,” Expert Systems with Applications, vol. 210, pp. 118 512–118 529, 2024.
—, “Ransomware detection using machine learning: A survey,” Cyberjournal, vol. 7, no. 3, pp. 143–163,
ENISA, “Enisa threat landscape for ransomware attacks,” ENISA Annual Report, pp. 1–68, 2022.
CISA, “stopransomware guide,” Cybersecurity and Infrastructure Security Agency, Tech. Rep., 2023,
includes cloud backup and zero-trust guidance.
W. Qiang, L. Yang, and H. Jin, “Efficient and robust malware detection based on control flow traces using
deep neural networks,” Computers & Security, vol. 122, pp. 102 871–102 885, 2022.
M. R. Aulia, Z. Lubis, I. Effendi et al., “Leveraging quality management and partnership programs for
technopreneurial success: Exploring their impact on msme performance,” Aptisi Transactions on Technopreneurship (ATT), vol. 5, no. 2, pp. 157–168, 2023.
L. F. Harris, “Cyber risk mitigation for cloud-deployed financial applications under ransomware threat,”
SSRN, 2025, posted: May 12, 2025.
SentinelOne, “Best practices for cloud ransomware protection in 2025,” SentinelOne Cybersecurity 101,
, updated: August 11, 2025.
–, “Ransomware in the cloud: Prevention and mitigation strategies for cloud-based services,” ResearchGate, 2023.
E. Smith, N. A. Santoso, N. Azizah, E. D. Astuti et al., “Exploration of the impact of social media on
children’s learning mechanisms,” CORISINTA, vol. 1, no. 1, pp. 33–40, 2024.
A. Mehrban and S. K. Geransayeh, “Ransomware threat mitigation through network traffic analysis and
machine learning techniques,” arXiv preprint, 2024.
A. Vehabovic, N. Ghani, E. Bou-Harb, J. Crichigno, and A. Yayimli, “Ransomware detection and classification strategies,” arXiv preprint, 2023.
S. Setiawan, U. Rusilowati, A. Jaya, R. Wang et al., “Transforming human resource practices in the digital
age: A study on workforce resilience and innovation,” Journal of Computer Science and Technology
Application, vol. 2, no. 1, pp. 84–92, 2025.
K. Begovic, A. Al-Ali, and Q. Malluhi, “Cryptographic ransomware encryption detection: Survey,” arXiv
preprint, 2023.
M. Dawood, “Cyberattacks and security of cloud computing,” Symmetry (MDPI), 2023.
S. Karrela, “Cybersecurity for cloud-based systems and applications,” GOVST Opus Theses, 2023.
C. O. Putri, J. Williams, L. Anastasya, and D. Juliastuti, “The use of blockchain technology for smart
contracts in future business agreements,” Blockchain Frontier Technology, vol. 4, no. 1, pp. 1–6, 2024.
M. T. I. C. . Zscaler, “Ransomware as a service: Raas evolution and extortion methods (double extortion),”
Wikipedia summary, 2024.
M. . G. C. blog, “Ransomware attacks surge: rely on public, legitimate tools,” Google Cloud Blog, 2024.
C. . M.-I. . N. . FBI, “Stopransomware guide: Ransomware and data extortion prevention best practices,”
CISA / MS-ISAC, 2020, baseline guidance (foundation for later cloud strategies).
TechRadar, “Hybrid cloud vs ransomware: why resilience starts with the right data strategy,” TechRadar,
C. r. FBI, “What is medusa ransomware? fbi, cisa say over 300 victims were targeted,” Houston Chronicle
summary, 2025.
A. Sutarman, E. Kallas, and O. Jayanagara, “The effectiveness of using blockchain technology as a machine learning program,” Blockchain Frontier Technology, vol. 4, no. 1, pp. 29–34, 2024.
W. Cohesity, “Cohesity fortknox: Ai-based anti-ransomware vault in aws,” Wikipedia, 2022.
J. Alvarez and M. Singh, “Comprehensive cybersecurity strategies for preventing ransomware attacks in
distributed cloud-based applications,” Journal of Cloud Security Research, 2025.
Y. Chen and K. Ito, “Integrating zero-trust architecture with machine learning for mitigating ransomware
threats in hybrid cloud platforms,” IEEE Access, 2025.
R. Gupta and L. Moreno, “Advanced multi-layered cyber defense approaches for preventing ransomware
attacks in cloud-hosted applications,” Future Internet, 2024.
U. Rahardja, C. T. Sigalingging, P. O. H. Putra, A. N. Hidayanto, and K. Phusavat, “The impact of mobile
payment application design and performance attributes on consumer emotions and continuance intention,”
Sage Open, vol. 13, no. 1, p. 21582440231151919, 2023.
S. Kim and D. Park, “Leveraging blockchain and artificial intelligence to enhance security against ransomware in cloud-native environments,” Sensors, 2024.
E. Ligia, K. Iskandar, I. K. Surajaya, M. Bayasut, O. Jayanagara, and K. Mizuno, “Cultural clash: Investigating how entrepreneural characteristics and culture diffusion affect international interns’ competency,”
Aptisi Transactions on Technopreneurship (ATT), vol. 6, no. 2, pp. 182–198, 2024.
H. Nguyen and P. Tran, “Resilient cloud infrastructure design for defending against evolving ransomware
techniques,” ACM Computing Surveys, 2023.
T. Ali and M. Khan, “Preventive cybersecurity mechanisms for minimizing ransomware risks in saas and
paas cloud models,” Journal of Information Security and Applications, 2023.
C. Rodriguez and A. Fernandez, “Cloud data protection and backup-oriented strategies for preventing
ransomware-based downtime,” Computers & Security, 2022.
S. Sudaryono, R. Pratomo, A. Ramadan, R. Ahsanitaqwim, and E. Fletcher, “Artificial intelligence in predictive cybersecurity: Developing adaptive algorithms to combat emerging threats,” Journal of Computer
Science and Technology Application, vol. 2, no. 1, pp. 1–13, 2025.
L. Wang and Z. Li, “Artificial intelligence-enhanced intrusion detection for preventing ransomware in
cloud-based applications,” IEEE Transactions on Cloud Computing, 2022.
M. Omar and R. Ahmed, “A holistic framework for cybersecurity preparedness against ransomware attacks in cloud-enabled enterprises,” Journal of Cybersecurity, 2021.
J. Lee and S. Cho, “Proactive cyber defense using behavioral analytics for ransomware prevention in
cloud-based systems,” International Journal of Information Security, 2025.
A. Patel and V. Sharma, “Designing cloud security frameworks with automated response mechanisms
against ransomware,” Journal of Network and Computer Applications, 2024.
F. Bianchi and M. Rossi, “Multi-factor authentication and encryption strategies for preventing ransomware
in multi-cloud infrastructures,” Journal of Information Systems, 2024.
K. Tanaka, “Ai-driven predictive models for early detection of ransomware in cloud-delivered applications,” IEEE Internet of Things Journal, 2023.
A. Yusuf and H. Rahman, “Strengthening data governance in cloud platforms to mitigate ransomware
risks,” Journal of Cyber Policy, 2023.
Q. Aini, N. Lutfiani, N. P. L. Santoso, S. Sulistiawati, and E. Astriyani, “Blockchain for education purpose: essential topology,” Aptisi Transactions on Management, vol. 5, no. 2, pp. 112–120, 2021.
D. Miller and S. Carter, “Exploring backup-oriented resilience techniques for preventing cloud application
ransomware attacks,” Information, 2022.
Q. Zhang and B. Liu, “Deep learning-based malware classification for protecting cloud applications
against ransomware,” IEEE Transactions on Dependable and Secure Computing, 2022.
U. Rahardja and Q. Aini, “Optimizing cybersecurity strategies in higher education cloud platforms to
prevent ransomware attacks,” APTISI Transactions on Technopreneurship, 2021.
R. Garcia and M. Lopez, “Applying zero-day exploit analysis for cybersecurity defense against ransomware in cloud environments,” IEEE Security & Privacy, 2024.
J. Fernandez and R. Torres, “Role of digital forensics in investigating and preventing cloud-based ransomware attacks,” Forensic Science International Digital Investigation, 2024.
Direktorat Jenderal Kekayaan Negara (DJKN), Kemenkeu, “Ransomware, ancaman dan langkahlangkah untuk menghindarinya,” https://www.djkn.kemenkeu.go.id/kanwil-jabar/baca-artikel/16188/
Ransomware-Ancaman-dan-Langkah-Langkah-untuk-Menghindarinya.html, 2023, diakses 2025-08-20.
