Home / / Cloud storage putting networks at risk

Cloud storage putting networks at risk

Kaspersky Lab warns that cloud storage synchronisation could be backdoor for hackers

Cloud storage services could be creating a backdoor into corporate networks, warns Kaspersky Lab.
Cloud storage services could be creating a backdoor into corporate networks, warns Kaspersky Lab.

Users may be putting corporate PC and networks at risk of hijack by cybercriminals through the use of cloud storage services, according to Kaspersky Lab.

The security company said that analysis of data from the Kaspersky Security Network, which voluntarily takes data from Kaspersky security users, 30% of malware found in cloud folders on home computers is planted via synchronization mechanisms. For corporate users, the figure reaches 50%.

Kaspersky said that cybercriminals could gain control of an employee's laptop via a Dropbox client or similar cloud client. This could happen when the employee is away from the office. If infected documents are placed in cloud folders, Dropbox will automatically copy them to all devices connected to the corporate network that also run the same service.

Any cloud storage service with automatic synchronisation such as Onedrive, Google Disk, Yandex Disk and so on, would also be vulnerable.

"A careful analysis of statistics has shown that the risk of the corporate network being infected via cloud storage is currently relatively low - one corporate user in 1,000 risks having his or her computer infected during a one-year period. However, it should be kept in mind that, in some cases, even one infected computer can result in an outbreak engulfing the entire network and causing significant damage. Configuring the firewall to block access to these services is a painstaking process, which requires constant updates of firewall settings." commented Kirill Kruglov, Senior Research Developer at Kaspersky Lab.

Kaspersky recommends that companies deploy solutions featuring heuristic and behavioural antivirus protection, access control (HIPS), operating system control (System Watcher or Hypervisor), protection against vulnerability exploitation, etc. on each workstation on the network, to detect unauthorised activity.