As the number of connected devices increases, so too does the use of platforms which allow us to synchronize them all and access our files from any location. Saving documents on the cloud is especially useful in the corporate world, where all of the team is able to access and modify information without the need to send emails or use external memory systems.
As we have already mentioned on various occasions, despite being useful and efficient, the cloud system isn’t completely risk free. During this year’s BlackHat USA, an event that draws together security experts from all around the world, there was a new revelation relating to cloud security.
The group on question discovered a new type of attack called the Man in the Cloud (a variation on the classic Man in the Middle), which allows cybercriminals to access synchronized file services.
By doing this, they can reconfigure platforms such as Dropbox, Google Drive or Microsoft’s OneDrive and turn them into tools for stealing information. One of the most dangerous and worrying aspects of this is that the criminals don’t need to have the passwords in order to access the information.
In an effort to speed up the process, a lot of the most popular applications don’t ask users for their login details every time. Instead of this authentication, it relies on an identification key or a token, which is saved in a file or register.
The problem is that even when the key is encrypted, cybercriminals are able to eliminate the encryption. To make matters worse, some platforms such as Dropbox don’t renew the code even when the user changes the password. That means that to steal information, the attacker only has to install the identifier on its own system.
One of the experts who uncovered this attack has developed a test to manipulate the encryption of the keys. It consists of a malware that the victim downloads from a link included in an email or when they access an infected webpage.
Once inside, besides stealing documents and confidential information, the attackers can manipulate the files, encrypting them so that the users are unable to access them. They are also able to install a back door on the device which allows them even more control over it.
To avoid these types of attacks, the best thing to do is use storage and synchronization tools such as Panda Cloud Drive, which is included in the Gold Protection version of our security solutions.