Currently, cyberattacks on the cloud are mostly performed with age-old techniques like phishing. In the near future, attacks will be initiated with SaaS-connected apps. Such cloud-to-cloud attacks will easily bypass on-premise and network firewall protection. In this article, we’ll discuss app security, fake apps (malicious apps threatening your data), and how to protect from their negative impact.
Protect your business-critical data today
What is a Fake App?
A fake app is a third-party app created by cybercriminals to steal your data. A fake app is not the same as a risky app (an app that has some security gaps and vulnerabilities that may lead to data loss). These terms are quite close and sometimes interchangeable. A fake app is 100% risky; a risky app is not necessarily fake.
Fake apps can threaten mobile data or cloud data in SaaS environments like G Suite. Let’s put a stronger focus on the latter.
Fake apps are disguised as ordinary apps on G Suite Marketplace―apps that you use in your work every day. However, there is one key difference from legitimate Google Marketplace apps―fake apps contain malicious code within.
If you would like to get a more detailed insight into app security, check out our video:
Why Are Fake Apps Dangerous?
When you install a third-party app, it requests permission to access your data (Gmail, OneDrive, etc.).
Fake apps use these permissions to access your data with malicious intent. This may lead to severe consequences:
- Data leak. With a fake app getting permission to access your data (emails, for example) hackers can read or delete any information. If an email contains sensitive information like credentials or bank card details, hackers can use it to access your bank account.
- Ransomware infection. Fake apps can be used to infect your system with ransomware. As a result, your data becomes encrypted and unreadable.
To give it back, hackers will demand money. And ransom demand may reach millions of dollars.
- Compliance violation. Data loss or exposure leads to a violation of data security compliance standards like HIPAA. Compliance violation fines may be very high.
Needless to say, all of that leads to significant financial and reputational losses. That’s why protection from fake applications is extremely important.
How To Spot Fake Apps?
Stopping the use of third-party apps in a daily workflow is hardly possible, but it’s not needed. The key is to tell a fake app from a real one.
How to find malicious apps? The basic things you should pay attention to before you start using an app are:
- Bad reviews. If many have experienced trouble, you may not be an exception.
- Review history. Too many positive reviews on the release day, succeeded by silence, looks suspicious.
- Developer. Apps from reputable developer companies are, in general, safe.
- An excessive number of permissions asked. When an application requests many permissions, more than it should for its functions, it may be a red flag.
- Update frequency. Too frequent updates may point to a significant number of gaps and vulnerabilities.
These measures are somewhat effective, yet you shouldn’t rely only on them. What makes fake apps even harder to detect is that a fake app is not necessarily fake from the very beginning. An app can be updated with malicious code later. Why do it instead of infecting it from the very beginning?
The concept of such activities is simple. A criminal develops a safe, usual app. The app gets listed on G Suite Marketplace, the number of users grows, and everything seems to be well.
However, it’s just a scheme to grow the user base and have more targets to attack. Besides, it’s much easier to promote a safe app. When the time comes, an app is updated with malicious code.
The only way to protect from a malicious-by-update app is real-time monitoring of all of your apps. It’s hardly possible to do it manually, and that’s why we recommend using AI to monitor apps and detect potential risks.
Fake Apps Protection
Apps risk assessment is a complicated process, with many factors and rapidly-changing variables. Controlling apps 24/7 is hardly possible. Still, your data needs to be protected from fake apps. Using automated security software is a great solution to do it.
To help you, we’ve created SpinOne for G Suite. This solution will help you to audit apps and control potential security, business, and compliance risks. SpinOne leverages artificial intelligence (AI) to detect potential threats. Apart from apps risk assessment, SpinOne includes backup and ransomware protection.
So how exactly does SpinOne help you to monitor the security of your apps? In a nutshell, it gives your apps a security score and helps you to whitelist and blacklist your apps.
The list of apps includes the score, which represents the potential risks. The lower the score, the more likely the assessed app is dangerous. You can set up a policy to automatically blacklist an app if its score is low.