Cloud storage has slowly but surely become the best method for sharing, backing up and remotely accessing data in all forms, from Word documents to movies to sensitive, personally identifiable information. So, given Google's position in the IT industry, it should come as no surprise that users - both consumers and enterprises - love Google Drive. After all, it's easy to use, accessible from any device around the globe and everyone else is on the same platform. However, those who take advantage of these cloud storage services rarely - if ever - think about Google Drive security. That is about to change.
"Hackers are able to steal data as well as control access to users' whole Google Drives."
A new type of attack
At Black Hat USA 2015, Imperva released a report that explained a new type of attack vector that allows cybercriminals to access data and documents stored in popular file synchronization services such as Google Drive. Dubbed "man-in-the-cloud attacks," hackers are able to steal data, as well as control access to users' whole Drives and all the documents inside.
The report warned that this is a huge risk factor for enterprises and consumers, especially since the MITC attacks do not rely on compromising credentials and they do not require malicious code or exploits. Instead, cybercriminals infiltrate end-user machines, steal synchronization tokens directly from the computer's registry and place them on different devices. Google Drive does not care which machine uses the token, as long as it's authentic, so cybercriminals will have complete access to and control over the associated Drive.
MITC attacks are also incredibly difficult to detect even with cutting-edge cybersecurity systems, the report surmised. Hackers do not need the Internet, and they can infiltrate accounts by simply altering registry keys, so users won't be aware of the breach either. To further heighten the severity of MITC attacks, Imperva researchers wrote that once Google Drive accounts are compromised via a MITC attack, they must be deleted them for good, as there is no way to remove the threat.
"We should be really worried about this," Amichai Schulman, chief technology office at Imperva, told ZDNet. "Attackers are looking at methods of being less detectable. But the reality is that it's already happening."
Google Drive security via data-centric protection
Schulman explained to the source that there is no easy solution, and this is because typical cybersecurity solutions that merely prevent malware and protect endpoint devices are incapable of detecting or stopping MITC attacks. As the Imperva report correctly asserted, securing data "at the source" is the only way to truly stop hackers leveraging MITC-style data theft techniques. CloudMask is capable of not only protecting Google Drive-stored information and documents in both corporate and private accounts, but it secures the token keys in a different location, ensuring that no one - not even Google itself - can access cloud-hosted data.
With CloudMask, only your authorized parties can decrypt and see your data. Not hackers with your valid password, Not Cloud Providers, Not Government Agencies, and Not even CloudMask can see your protected data. Twenty-six government cybersecurity agencies around the world back these claims.
Watch our video and demo at www.vimeo.com/cloudmask
Share this article: