Kaspersky Lab: For some time, cloud-based file storage services are quite popular among Internet users.
However, the ease that these services undoubtedly offer seems to be offset to some extent by the dangers they pose. For example, many users follow different tips and store scanned copies of their passport and other personal documents in the cloud, though sometimes the vulnerabilities of a service compromise the security of their personal data. At the same time, the use of cloud technologies for purposes different from those for which they were originally designed may cause even greater damage. For example, it's easy to find instructions for computer owners who want to use these services to remotely control and monitor their devices, control files they download through torrent, etc. Following these recommendations, users unknowingly create the various security gaps that can easily be exploited by digital criminals, especially in cases of targeted attacks.
Οι ειδικοί της Kaspersky Lab προειδοποιούν τις επιχειρήσεις ότι τα εταιρικά δίκτυα διατρέχουν τον κίνδυνο να «μολυνθούν» μέσω υπηρεσιών cloud. Για παράδειγμα, οι ψηφιακοί εγκληματίες μπορούν να αποκτήσουν τον έλεγχο του φορητού υπολογιστή ενός εργαζόμενου μέσω ενός Dropbox client που βρίσκεται εγκατεστημένος σε αυτόν. Κάτι τέτοιο θα μπορούσε να συμβεί όταν ο εργαζόμενος βρίσκεται εκτός γραφείου. Αν «μολυσμένα» έγγραφα τοποθετηθούν σε φακέλους στο cloud, το Dropbox θα τα αντιγράψει αυτόματα σε όλες τις συσκευές που συνδέονται στο εταιρικό δίκτυο και «τρέχουν» την ίδια υπηρεσία. Το Dropbox δεν είναι η μοναδική υπηρεσία στην οποία θα μπορούσε να συμβεί αυτό, καθώς όλες οι δημοφιλείς applications cloud αποθήκευσης, συμπεριλαμβανομένων των Onedrive (ή Skydrive), Google Drive, Yandex Disk κ.α., διαθέτουν αυτόματες λειτουργίες συγχρονισμού.
Kaspersky Lab specialists, after analyzing data gathered with the consent of users[1], found that about 30% of the malware detected in cloud folders of home computers had penetrated through synchronization mechanisms. For enterprise users, this percentage is 50%. It is worth noting that while cloud folders of corporate users generally contain "infected" Microsoft Office files, the corresponding folders on computers often contain malicious Android applications.
"A careful analysis of statistics has shown that the risk of corrupted corporate networks through cloud storage is now relatively small. In the last year, just 1 on 1000 corporate users faced the risk of "infecting" his computer. However, we should take into account that - in some cases - even an "infected" computer is enough to create a massive problem across the entire network and cause significant damage. Configuring the firewall to block access to these services is a painful process that requires constant updating of its settings, "said Kirill Kruglov, Senior Research Developer from Kaspersky Lab.
For these cases, enterprise system administrators must install a fully functional security suite, which will have heuristic and behavioral antivirus protection functions, as well as access control functions (HIPS), operating system control (System Watcher or Hypervisor) , protection against the exploitation of vulnerabilities, etc., on every workstation located in the network. Kaspersky Lab recommends taking advantage of the innovative Application Control technology, which is included in the enterprise security solution it offers and can block any software, as long as its execution is not explicitly allowed by the system administrator. Application Control technology protects the corporate network from targeted attacks through Dropbox, without hindering users' work.
About Kaspersky Lab
Η Kaspersky Lab is the world's largest private provider of computer security solutions. The company is among the top four security solutions providers in the world*. Throughout its history of more than 16 years, the Kaspersky Lab παρουσιάζει καινοτομίες στον τομέα της ασφάλειας, παρέχοντας αποδοτικές solutions για την προστασία των χρηστών, των μικρομεσαίων και των μεγάλων επιχειρήσεων. Σήμερα, οι δραστηριότητες της Kaspersky Lab span 200 countries and regions around the world, with the company providing online security to over 300 million users. For more information, please visit: www.kaspersky.com.
