While Google has made large strides in recent months to heighten security around its G Suite products, including the use of physical security keys to access data, there are still concerns that SaaS products could be vulnerable to ransomware attacks, as scamsters continue their efforts to exploit any available vulnerability in order to make a fast buck.
Ransomware is an increasing problem in Asia, with the Singapore Cyber Security Agency (CSA), reporting a tenfold increase in reported ransomware cases last year, up from only two cases in 2015. The CSA believes this figure could be higher, as most cases go unreported.
With ransomware, it only takes an accidental click or two to make your company a victim, seeing your data being encrypted and held for ransom. There’s also no guarantee that if you pay the ransom, the data will be restored, which makes it imperative to have the upper hand, and work to ensure that your organisation has its ‘ducks in a row’ where security is concerned.
In practice, the vulnerability often comes from employees with limited cyber security knowledge, unwittingly clicking on infected attachments or links, and while cloud apps and storage, such as G Suite, offer some protection, just using G Suite doesn’t mean you won’t be affected by ransomware.
There are, however a number of key things G Suite users can do to keep their data safe.
Be cautious when you share a folder, especially if you use the Google Drive sync client, as when you share a folder, your collaborators can add files. Those files could sync to their system, and if this happens, the files could be encrypted when their system is afflicted with ransomware. Most importantly, try to stay up-to-date, secure, and alert on all the standard practices to guard against this kind of attack. This means keeping your operating system, apps, and browser up-to-date. Don’t open attachments or follow links unless they’re clearly from a person you know in a communication you expect. When your browser warns you of a suspicious site, don’t continue, and don’t turn off any security setting in order to allow an app to install or run.
It’s useful to choose different defaults and restrictions for different groups. For example, you might block user accounts from accessing Google Hangouts unless they’re in your sales department group, or block a specific app for middle-management, but allow it for C-level. In G Suite, organisational units allow an administrator to define different settings for groups of users. Every person’s account belongs to just one organisational unit at a time, and when configured, a setting applies to every member within that unit.
To conclude, ransomware is a serious issue, and as the threat landscape in Asia-Pacific and the world continues to evolve, cyber criminals continue to be more cunning and brazen in their tactics to exploit any available vulnerability. While developers work to minimise this risk, as a G Suite administrator, you have the power to make it even more difficult for scamsters to see you as low hanging fruit. Educating management and the wider team on this will be key, but putting a few simple precautionary measurements in place, could mean the difference between a successful ransomware attack, and an unsuccessful one.