The threat of ransomware becomes more frightening every day. Millions of users reported facing extortion from various strains of the insidious malware in 2016, and ransomware tactics are only getting more sinister. Although some versions release hostage data and waive the requested ransom if targets successfully infect other users, and other versions are coded to replicate themselves across networks, they all have one thing in common — the potential to destroy valuable information.
Now there’s yet another ransomware possibility to worry about: files stored in the cloud. Yup, that’s right, even your Google Drive data is at risk.
Is my Drive at risk?
If you, or anyone at your organisation, has Google’s offline syncing enabled, you might be at risk. Users of this feature can edit locally stored documents and automatically back them up to Google Drive at regular intervals. Although it’s a great feature that can alleviate the pain of being disconnected from a cloud-only workspace, it’s also a dangerous opportunity.
As of the writing of this article, there’s still no way for Google Drive files to be infected with ransomware directly. However, files you create or edit locally can easily be infected with ransomware, and with automatic file syncing enabled you’re essentially handing over a roadmap to your Drive’s backdoor.
How nasty is the outcome?
The good news is ransomware is still unable to infect Google’s revision history. One of the best features of G Suite, revision history, saves all the edits in one document as a sort of digital timeline. Instead of saving a separate version of the same document every time you make a change, users can click a button to scroll through every edit, color coded to denote which user made the contribution. So although opening an infected file will display encrypted gibberish, users can view previous versions of the document.
Unfortunately, the bad news is twofold. Firstly, if the data contained in your most recent upload has sensitive or regulated data, you’ve just handed it over to hackers, and you could be facing a costly data breach. Secondly, if other users have syncing turned on for the same file, you’ve just spread the malware to their entire hard drive.
What should I do to prevent this from happening?
The first thing you should do is bring in a cloud technology firm like Damson Cloud for an assessment. Between compliance considerations, security administration, and backup management, a cloud infrastructure is anything but a “set it and forget it” solution. The best setup is a managed service wherein your network settings get the micromanaging they need to remain secure, but require minimal attention from you or your employees.
Once you’ve done that, you can begin to explore which options work best for your business model. Our team recommends a variety of cloud management platforms, but for this particular issue, we prefer Backupify. This service backs up all of your G Suite information to a separate cloud for total data redundancy. By coordinating with our team of cloud specialists, you can strengthen your cloud security and data compliance without sacrificing an inordinate amount of your precious time.
Cloud technology is often billed as easy, simple, and even maintenance free. But to put it bluntly, we couldn’t have built a thriving IT consulting firm over the last eight years if it was as straightforward as signing up and migrating your data. Damson Cloud is the partner you need to bridge the gap between cloud technology and enterprise-level privacy and security. Get in touch with us today to get started.