Ransomware 101: The Latest Hacking Technique Lock Your Files On Google Drive

In April the FBI issued a warning that a sharp increase in ransomware attacks had occurred over the past year. In support of this warning, Kaspersky Labs reported that there was a 500 percent year-to-year increase in the number of ransomware attacks from 2014 – 2015 to 2015 – 2016. These reports make it clear that in order to protect against ransomware, companies must first understand the intricacies of the attack.

Understanding The Far Reaching Impact Of Ransomware

One of the common misconceptions surrounding ransomware is that it is only an “on-premise technology threat.” In fact, ransomware is more intricately linked than the latter statement suggests. When a user is attacked with a ransomware file, the malicious code will lock files on the computer. However, if the user is logged into a local network, then the files on additional computers and shared drives will also be impacted. Many users think that the trail stops here; this is not the case. If left unchecked, ransomware can spread to Google Apps data, as well as your Google Drive account.

How Can Ransomware Affect Google Drive?

The Google Drive sync feature allows users to automatically combine their local computer files with any Google Drive copies. Through this feature, users can work on files offline. When users reconnect to the Internet the file changes are automatically synced with the copies on Google Drive. While this is a convenient feature, it does create a security vulnerability.

If a computer is infected with ransomware and then syncs to Google Drive, it will corrupt both versions of the files. The impact is extended if a user is collaborating with other employees via Google Drive. Ransomware can then quickly spread across all shared files and folders, which creates an even larger security threat. Unfortunately, according to a Google Products expert June 7, 2016 statement in an online Google Drive Help Forum, “Encrypted ransomware files will sync back to the Google Drive server. You may be able to restore the files to a previous version but unfortunately, there isn’t much of a solution besides this. Best of luck to you!”

What Can Companies Do To Protect Themselves And Their Google Drive Accounts?

Taking precautionary security steps and educating your employees about ransomware attacks are the first steps that companies can take to protect their local and Google Drive files. An SaaS backup can also be conducted on Google Apps to further protect, Google Mail, Drive, Contacts, Sites, and Calendar from an attack. This SaaS backup creates an independent copy that will allow you to restore your data to their state before the files were encrypted with ransomware.

Finally, as ransomware threats continue to increase, companies need to develop a preventative strategy. Part of this strategy should be to ensure that your software is up-to-date and patched, that your company uses a reputable antivirus software, and that you have a secure backup solution that automatically backs up your vital business data on a regular basis. In addition to these steps, companies and their employees need to remain educated on what to look out for in a ransomware attack. From spotting suspicious attachments and links to avoiding fake websites, education is key to protecting your data.

Centerpoint IT is the trusted choice when it comes to staying ahead of the latest information technology tips, tricks, and news. Contact us at (404) 781-0200 or send us an email at info@centerpointit.com for more information.