Security and privacy concerns have always haunted cloud storage users to such an extent that some have abandoned their decision to use the cloud for their enterprise storage needs and a few have stopped using public cloud platforms.
During a CSA summit held at RSA’s 2016 Conference, Netskope warned how cloud synchronization services can spread malware infection throughout an enterprise. The said company is an American software provider which specializes in offering cloud based security services.
It’s a known fact that cloud apps themselves are rarely breached or directly infected with malware. But Netskope says that they’ve proven to be a major asset to threat actors looking to spread malicious attacks to as many users and organizations as possible.
Krishna Narayanaswamy, chief scientist at Netskope discussed about cloud based malware threats which are spreading in enterprises these days. Infact, Mr. Narayanaswamy presented a research at the RSA Conference 2016 which revealed that malicious files or codes which infect a single user’s client device will spread on a rapid note through cloud services.
Netskope looked at hundreds of different sanctioned cloud apps used by more than 500 of its customers to measure “the prevalence of malware in cloud applications”. The research concluded that only 4.1% of cloud apps contained some kind of malware. But Netskope determined that there was a bigger problem lurking behind the scenes.
The research carried out by Netskope found that the small amount of cloud malware detected in cloud apps had the potential to infect many more users beyond the initially infected device. This was possible by file sharing and cloud sync services.
Mr. Narayanaswamy presented a case study of an enterprise user that inadvertently spread ransomware through a cloud application. A hiring manager was hit with a ransomware infection through a resume file that had been received via an email. But the file was then moved to a folder that automatically synchronized with a cloud application, which delivered the file to other users within the organization. So, instead of infecting a single user, the malware spread to a bunch of users who accidentally opened the file- all thanks to the sync and share service offered by the cloud in an automated way.
Then how to prevent cloud malware from spreading?
- Mr. Narayanaswamy said companies also need to fret about what’s coming into the services to prevent cloud malware from spreading across the user base.
- Additionally, by taking basic precautions, such as regularly backing up data and monitoring cloud apps for anomalous behavior or signs of data infiltration, some of the risks can be easily avoided
- Narayanaswamy urged enterprises to take additional steps such as enabling the automatic deleting or trashing of cloud files that have been overwritten. By following such practices a file that is potentially harmful won’t be allowed to linger indefinitely inside the cloud service and put additional users at risk.
Know more of such tips? Please share it through comments section below.