What are Man-In-The-Cloud Attacks?
It seems like every week new data security risks come to the forefront of tech news. Most recently, the data security firm, Imperva, discovered that even our cloud-based storage partners aren’t as secure as we once believed. As it turns out, many of the top cloud storage providers are susceptible to side door man-in-the-cloud attacks.
The most concerning news regarding this cloud computing security revelation is that data thieves can access your files without even needing your login and password information. As with most data security risks, understanding the problem and taking the necessary steps to protect yourself, your data, and your company need to be your primary goals.
How is Cloud Storage Security Being Compromised?
With a man-in-the-cloud attack, a cyber-thief infiltrates a cloud-based file sync service using a synchronization token that’s saved on the end user’s machine. This token is what enables users to access their files saved on services such as Google Drive, Dropbox, OneDrive, and Box (just to name a few) without having to sign in every time. By using a stolen token, the thief can compromise the cloud server without any sign of corrupt activity and steal data without anyone knowing.
A synchronization token is actually a tiny file that is stored on the end user’s computer or device. This file is usually stored in the system’s registry or its Windows Credential Manager and it is the “key” that’s used to access one’s storage account. By stealing or copying a user’s token, a malicious actor will be able to synchronize their devices with the victim’s account so every time a file is updated or data uploaded, the thief will immediately have access to it. To make matters worse, the thief not only has access the files, but they can even manipulate them, such as planting malicious codes within them or encrypting the files and holding them for ransom.
How to Protect Yourself From a Man-In-The-Cloud Attack
If you use cloud-based storage systems there are some things you can do to help protect yourself against man-in-the-cloud attacks. For starters, if you use Google Drive, then you should change your password immediately since changing the password revokes all tokens. This will require you to re-authenticate each device using your account credentials. Next, you should update your security and monitoring software and be vigilant in maintaining the highest level of cloud storage security possible.
It is also recommended to partner with a licensed data destruction provider to ensure that the infiltrating software is properly and effectively eradicated from every device being retired, donated, sold, or reused in another capacity.
At Liquid Technology, we have the resources necessary for wiping your hard drives completely clean without compromising the integrity of the computer’s drive or its functionality. This will enable you to install new “clean” operating systems and your security will be intact. Call us today at 800-797-5478 to speak with one of our data destruction specialists or to schedule service.