Logo Spinbackup.com

How Ransomware Can Infect Google Drive?

G Suite Ransomware Protection 0 17581
How Ransomware Can Infect Google Drive?

Google Drive Ransomware
These days, with the rise of cyber security threats, business and individual users alike have to put more effort to tackle the data protection issue in the cloud. Ransomware hackers are ripping more and more fruit recently and Ransomware as a Service becoming an achievable “malware for hire” solution for a relatively low cost. What do we know about these high-tech criminals and the ways to stay safe from them? Is your Google Drive safe from being infected by Ransomware?

How Ransomware Can Infect Google Drive?

Ransomware can infect and encrypt your Google Drive files, as well as threaten to delete them unless you pay ransom for a code to unlock them. The hackers want you to pay in cryptocurrency that is hard to trace. The chances you will get your files decrypted even after the payment are slim. According to Federal Bureau of Investigation, hackers made more than $200M in FY 17 Q1 with around 70% of businesses contributing to their wealth and paying the ransom. The numbers are shocking but it’s just a start for the trends might make you wanna cry.

If you look at the number of ransomware families that were discovered in 2015 (29) in comparison to MoM findings in 2016 that reached 247 at 2016 year end with quarterly average of 62.

New Ransomware Families

Through G Sync to Ransomware – Encrypted Files at Google Drive

With more and more companies trying to save up on infrastructure costs, businesses tend to keep their data in the cloud. However, this shared by numerous associates virtual space brings as many opportunities as it does risks. For example, with the help of Google Drive Sync co-workers can sync the files on their local machines with copies in the cloud.

It does not take much effort to get your files encrypted. Just click on a suspicious link or attachment delivered to you by email and ransomware will encrypt the files on your PC. If you have the Google Drive application installed on your computer, all files in its folder will be affected by the virus. Google cloud interprets encryption as regular files editing and gets them synced to Google Drive. This happens faster than a person is able to react and turn off synchronization. Thus, the encrypted versions of the documents will replace all reliable versions in the cloud.

The aftermath is even bigger if a user is engaged with other co-workers using the Drive. In this case, ransomware can get into all shared documents and folders increasing the scale of the damage.


Google Drive Sync capability is a real savior but only if you have a proper backup solution for enterprise system in place that that can be used for urgent restore of a reliable version of a document.

Is Google Sync the Only Way to Be Hit by Ransomware Attacks?

No, it is not. Along with G Suite you have hundreds and thousands of third-party extensions and apps that boost usability of Google Disk. With better work-flow and streamlined functionality those can bring a cyber threat on board as well.

Imagine you need to edit and sign PDF docs which are one of crypto-ransomware types targeted, so you go to G Suite Marketplace and look for a program to help you with that. If you are not a big fan of Gantt charts in MS Project and think your in-house project management tools might not be enough, you then opt for a tool that helps you create, track, and share schedules with the team and stakeholders online. Another popular program that can save time is cloud-based file format converter. If your business is into design, there are a number of applications (basic and advanced ones) to touch up and edit photos in the cloud. This is not an exhaustive list of third-party apps that can both do good and bad to your work process.

Opportunities are infinite with all the utilities that you can connect to your Google Drive. Some of them prove to be trustworthy; others are less reliable and could be malicious. Security experts predict that malicious applications will infect cloud storages with ransomware through encrypted files omitting G Sync software. Ransomware will mature towards infecting cloud applications developed by trusted companies and taking access to end-users’ data through these apps.

A level of risk to corporate data depends on the permission level requested by application. Being granted access to manage data, an app can encipher them. Usually this application access is given by a user: a Request for Permission window is shown before installation and launch.

Request permissions

A G Suite admin of a hundreds users company, can not rely on the attentiveness of his / her co-workers and spend time examining every app carefully. So it’s better to have a reliable cyber security provider that can scan the security level of the risky third-party apps connected to your  G Suite domain. Once it’s in place, you can sit back and relax while it performs heavy-lifting on your behalf: from conducting daily third-party apps security audits to providing automatic access removal to suspicious applications.

Google Backup and Sync Google Drive File Stream — New Opportunities and New Threats

spinbackup drive file stream

In July, 2017, Google is launching the Google Backup and Sync tool that will broaden the horizons of the classic Drive Sync. With G Sync, only items uploaded to a Google Drive folder were automatically synchronized to the cloud, while with Backup and Sync, you can set up any folders on your Mac or PC to be backed up to the Google cloud. This innovation is without doubts full of useful properties – from handiness and automatization to safety and accessibility.

But with all the positive sides, let us not forget about security threats. Is Google Drive secure? Now, as you have learned that Drive files are equally as vulnerable to ransomware as local ones, you understand with a bittersweet smile that backing up your Mac / PC to the cloud via Google Backup and Sync absolutely does not protect these files from being encrypted. Furthermore, the unencrypted copy of infected files will not be available for preview or restore in case of a disaster. With Backup and Sync, you do protect your files from hard drive failures and devices loss or theft but it has nothing to do with ransomware. With all this in mind, our breaking news announced in the next paragraph becomes even more valuable for all G Sync and Google Backup and Sync users.

Announcing Automatic Google Drive Ransomware Protection

Spinbackup Ransomware protection

Spinbackup is the first to introduce automatiс protection against ransomware. It is an innovative API CASB functional that will automatically detect ransomware activities in your domain, warn you with the security alerts and provide automatic and manual recovery of encrypted items. The beta version is already accessible for all Cybersecurity & Backup customers. Spinbackup provides extensive ransomware protection for  G Suite organizations and enterprises with unique and smart algorithm that is based on your backup. For the first time in history, G Suite companies will be AUTOMATICALLY protected from ransomware.  Deploy Spinbackup’s Enterprise Solutions and stay secure!

Explore Spinbackup’s customer success story and watch our Demo Video!

Check out our Ultimate G Suite Security Guide and stay protected with Spinbackup API-based CASB!

17,582 total views, 21 views today

Related Post