These days, with the rise of cyber security threats, business and individual users alike have to put more effort to tackle the data protection issue in the cloud. Ransomware hackers are ripping more and more fruit recently and Ransomware as a Service becoming an achievable “malware for hire” solution for a relatively low cost. What do we know about these high-tech criminals and the ways to stay safe from them? Is your cloud storage, Google Drive for example, safe from being infected?
What Is Ransomware?
Ransomware is a malware that encrypts your files and threatens to delete them unless you pay for a code to unlock them. The hackers want you to pay in cryptocurrency that is hard to trace. The chances you will get your files decrypted even after the payment are slim. According to Federal Bureau of Investigation, hackers made more than $200M in FY17Q1 with around 70% of businesses contributing to their wealth and paying the ransom. The numbers are shocking but it’s just a start for the trends might make you wanna cry.
If you look at the number of ransomware families that were discovered in 2015 (29) in comparison to MoM findings in 2016 that reached 247 at 2016 year end with quarterly average of 62.
Through G Sync to Ransomware — Encrypted Files at Google Drive
With more and more companies trying to save up on infrastructure costs, businesses tend to keep their data in the cloud. However, this shared by numerous associates virtual space brings as many opportunities as it does risks. For example, with the help of Google Drive sync co-workers can sync the files on their local machines with copies in the cloud.
It does not take much effort to get your files encrypted. Just click on a suspicious link or attachment delivered to you by email and ransomware will encrypt the files on your PC. If you have the Google Drive application installed on your computer, all files in its folder will be affected by the virus. Google cloud interprets encryption as regular files editing and gets them synced to Google Drive. This happens more quickly than a person is able to react and turn off synchronization. Thus, the encrypted versions of the documents will replace all reliable versions in the cloud.
The aftermath is even bigger if a user is engaged with other co-workers using the Drive. In this case, ransomware can get into all shared documents and folders increasing the scale of the damage.
Google Drive Sync capability is a real savior but only if you have a proper backup solution for enterprise system in place that that can be used for urgent restore of a reliable version of a document.
Is Google Sync the Only Way to Be Hit by Ransomware?
No, it is not. Along with G Suite you have hundreds and thousands of third-party extensions and apps that boost usability of Google Disk. With better work-flow and streamlined functionality those can bring a cyber threat on board as well.
Imagine you need to edit and sign PDF docs which are one of crypto-ransomware types targeted, so you go to G Suite Marketplace and look for a program to help you with that. If you are not a big fan of Gantt charts in MS Project and think your in-house project management tools might not be enough, you then opt for a tool that helps you create, track, and share schedules with the team and stakeholders online. Another popular program that can save time is cloud-based file format converter. If your business is into design, there are a number of applications (basic and advanced ones) to touch up and edit photos in the cloud. This is not an exhaustive list of third-party apps that can both do good and bad to your work process.
Opportunities are infinite with all the utilities that you can connect to your Google Drive. Some of them prove to be trustworthy; others are less reliable and could be malicious. Security experts predict that malicious applications will infect cloud storages with ransomware through encrypted files omitting G Sync software. Ransomware will mature towards infecting applications developed by trusted companies and taking access to end-users’ data through these apps.
A level of risk to corporate data depends on the permission level requested by application. Being granted access to manage data, an app can encipher them. Usually this application access is given by a user: a Request for Permission window is shown before installation and launch.
A G Suite admin of a hundreds users company, can not rely on the attentiveness of his / her co-workers and spend time examining every app carefully. So it’s better to have a reliable cyber security provider that can scan the security level of 3rd-party apps connected to your domain. Once it’s in place, you can sit back and relax while it performs heavy-lifting on your behalf: from conducting daily third-party apps security audits to providing automatic access removal to suspicious applications.
Google Backup and Sync & Google Drive File Stream — New Opportunities and New Threats
In July, 2017, Google is launching the Google Backup and Sync tool that will broaden the horizons of the classic Drive Sync. With G Sync, only items uploaded to a Google Drive folder were automatically synchronized to the cloud, while with Backup and Sync, you can set up any folders on your Mac or PC to be backed up to the Google cloud. This innovation is without doubts full of useful properties – from handiness and automatization to safety and accessibility.
But with all the positive sides, let us not forget about security threats. Now, as you have learned that Drive files are equally as vulnerable to ransomware as local ones, you understand with a bittersweet smile that backing up your Mac / PC to the cloud via Google Backup and Sync absolutely does not protect these files from being encrypted. Furthermore, the unencrypted copy of infected files will not be available for preview or restore in case of a disaster. With Backup and Sync, you do protect your files from hard drive failures and devices loss or theft but it has nothing to do with ransomware. With all this in mind, our breaking news announced in the next paragraph becomes even more valuable for all G Sync and Google Backup and Sync users.
Announcing Automatic Ransomware Protection
Spinbackup is the first to introduce automatiс protection against ransomware. It is an innovative CASB functional that will automatically detect ransomware activities in your domain, warn you with the security alerts and provide automatic and manual recovery of encrypted items. The beta version is already accessible for all Cybersecurity & Backup customers. Spinbackup is going to protect G Suite organizations and enterprises from ransomware with unique and smart algorithm that is based on your backup. For the first time in history, G Suite companies will be AUTOMATICALLY protected from ransomware. Don’t miss this!
2,893 total views, 21 views today