Home / / Cloud storage putting networks at risk

Cloud storage putting networks at risk

Kaspersky Lab warns that cloud storage synchronisation could be backdoor for hackers

Cloud storage putting networks at risk
Cloud storage services could be creating a backdoor into corporate networks, warns Kaspersky Lab.

Users may be putting corporate PC and networks at risk of hijack by cybercriminals through the use of cloud storage services, according to Kaspersky Lab.

The security company said that analysis of data from the Kaspersky Security Network, which voluntarily takes data from Kaspersky security users, 30% of malware found in cloud folders on home computers is planted via synchronization mechanisms. For corporate users, the figure reaches 50%.

Kaspersky said that cybercriminals could gain control of an employee's laptop via a Dropbox client or similar cloud client. This could happen when the employee is away from the office. If infected documents are placed in cloud folders, Dropbox will automatically copy them to all devices connected to the corporate network that also run the same service.

Any cloud storage service with automatic synchronisation such as Onedrive, Google Disk, Yandex Disk and so on, would also be vulnerable.

"A careful analysis of statistics has shown that the risk of the corporate network being infected via cloud storage is currently relatively low - one corporate user in 1,000 risks having his or her computer infected during a one-year period. However, it should be kept in mind that, in some cases, even one infected computer can result in an outbreak engulfing the entire network and causing significant damage. Configuring the firewall to block access to these services is a painstaking process, which requires constant updates of firewall settings." commented Kirill Kruglov, Senior Research Developer at Kaspersky Lab.

Kaspersky recommends that companies deploy solutions featuring heuristic and behavioural antivirus protection, access control (HIPS), operating system control (System Watcher or Hypervisor), protection against vulnerability exploitation, etc. on each workstation on the network, to detect unauthorised activity.

Follow us to get the most comprehensive IT solutions delivered fresh from our social media accounts on Facebook, Twitter, Youtube, and listen to our Weekly Podcast. Click here to sign up for our weekly newsletter on curated technology news in the Middle East and Worldwide.

REGISTER NOW | Webinar Event | Security you can bank on – Safeguarding the Middle East’s financial sector

Presented in partnership with security and network specialist Cybereason, the second in the three part webinar series will bring together a panel of experts to discuss how banks and financial institutions are evolving their service offering while simultaneously staying one step ahead of the cyber criminals who seek to bring their operations crashing to the ground.