Can ransomware infect Google Drive? Many people would say no, as Google Workspace is believed to be safe. However, they aren’t right. Ransomware impacts cloud-based companies as much as on-premise ones. As Sophos claims, more than 75% of companies infected with ransomware were running up-to-date endpoint protection. This means, that even if you are protected, you are still not entirely safe.
So if you don’t think your cloud storages are safe, you are wrong. Even if ransomware hits files on your local computer, it still can easily infect your files in the cloud. But don’t panic. Keep on reading, and we will tell you about the ways ransomware can infect your Google Drive and how you can secure your data in every possible scenario.
Table of Contents
What is a Ransomware Attack?
Ransomware is the combination of the words “malware” and “ransom”. Ransomware virus infects your files with malware that encrypts them, so you can’t access your data. To be able to access them, you need a digital key, which you will get after you pay a ransom, usually in cryptocurrency.
The main ransomware distinction from other types of malware and viruses is that it manifests itself openly. The primary goal of ransomware is to instill fear for your data. You see a blocked screen, panic, and pay the ransom. In most cases, this is the only thing you can do – hackers are hard to trace, so it can take months for cyber police to return your data.
The sequence of events:
- You perform “the wrong action”: click on the link, open a file, download a program, put a tick, and so on.
- The malware infects your data and encrypts targeted files.
- The malware makes itself noticeable by putting signs on your screen, asking you to pay money in exchange for getting access to your data.
In some rare cases though, if you are lucky enough to catch the “right type of malware”, you can restore previous “healthy” versions of the files on your Google Drive. But most of the recent releases of ransomware don’t let you do that, so we wouldn’t be too hopeful.
To protect Google Drive from ransomware, you need to know how it can reach it. Let’s find out.
Two Ways Ransomware Can Infect Your Google Drive
Like any other cloud service, Google Drive is prone to ransomware attacks. Google Drive can suffer in two ways: as a targeted victim of specially designed traps, or as a “ricocheted victim.”
1. Google Drive Can Become a “Ricocheted Victim” of Ransomware Through the Backup & Sync Tool
Backup & Sync is a free synchronization tool from Google. It syncs local machines with Google Drive and creates a copy of the files from your Google Drive to your computer. Any change on Google Drive reflects on your local computer and vice versa.
This instant synchronization is wonderful, but it also brings risks to the table. Imagine, you downloaded a malicious file that encrypted files on your computer, including synchronized docs in the Google Drive folder. Backup & Sync will interpret encryption as regular file editing and get them automatically synced with Google Drive. Boom! Your data on Google Drive is infected with ransomware. The encryption happens in seconds, and you can’t react and turn the synchronization off.
The aftermath is even more terrifying if you shared links to infected documents with other co-workers. If they downloaded the infected file on their computer, their files are also doomed.
How to protect Google Drive from Ransomware
- Always have a decent backup.
When using Backup & Sync, remember: it is a synchronization tool, NOT a backup solution. This tool doesn’t save your files – it just synchronizes them with all your devices and reflects the changes instantly, which helps you use the latest version of your documents anytime everywhere.
- Educate yourself and your employees. Invest some time in reading about the most widespread ransomware and phishing methods and red flags. Undertake security training. It raises your chances to not fall for the bait of hackers and be ready for possible threats.
- Be cautious. Don’t rush to click and open attachments; take your time to examine the content. Carelessness and hurry will cost you so much more, in case you haven’t saved your data beforehand.
2. Google Drive Can Get Infected Through the Third-party Apps and Extensions
Along with G Suite, you have hundreds and thousands of third-party extensions and apps that boost the usability of Google Disk. But along with better workflow and streamlined functionality, those can bring a cyber threat on board as well.
From time to time, we all download extra apps. They help us edit and sign our PDF docs; create, track, and share schedules with the team and stakeholders online, convert some file formats, edit photos in the cloud, and so forth. Where do you look for programs to give you all those features? In the G Suite Marketplace, of course.
And this is where all the dangers lie waiting. Not all third-party apps and extensions are trustworthy. In 2018, Kaspersky Lab detected about 60,176 new mobile ransomware Trojans.
How can malicious services infect your cloud storage? Mostly through the permissions which you or your employees grant them. The higher the permission level is given to the application, the higher the risks. When you install the app, there is always a pop-up asking you to access and manage your data in a particular folder. If you allow the app to manage data on your Google Drive/Google Team Drives, you “untie its hands.” From this moment, a malicious application can encrypt files, steal your sensitive information, read your company information, copy it, send messages on your behalf, and so on.
How to protect Google Drive from risky Apps and Extensions
The only way is to conduct an audit of third-party apps. You must always examine the trustworthiness of the application or extension before installing it and providing it access to your data.
But it can be quite a challenge to investigate all apps in a company with lots of employees. You can’t rely on your co-workers and need to spend time scrutinizing every app manually. Don’t worry, though; there is a much easier method.
A reliable cybersecurity provider like SpinOne can scan the security level of the risky third-party apps connected to your G Suite domain automatically. The service identifies dangerous business apps and blocks them. This way, you get Google Drive ransomware protection, save time and money, and get a piece of mind.
So remember: no matter how cautious you or your employees are, you can’t be 100% safe. Companies get hit by ransomware every 14 seconds, so don’t rely blindly on luck.
Use specialized anti-ransomware tools to ensure that attacks are detected and stopped ASAP.