Skip to content

Ransomware and Google Apps: What You Need to Know

3 minute read

General Google Apps Yellow1

Every day, individuals and businesses alike are becoming victims of ransomware, a form of malware that captures your computer’s data and holds it captive until you pay the assigned ransom.

Even after you pay the demanded price, which can be pretty steep, there’s no guarantee that you’ll have all of your data returned to you. In 2016, ransomware attacks are happening more than ever, sparking the US Department of Homeland Security to issue an alert about the malware epidemic.

Ransomware is no longer just an issue for hardware devices. In fact, new strains of ransomware have launched that specifically target cloud-based applications, such as Google Apps and Office 365. One example of this cloud-targeting malware is called “cuteRansomware,” a form of ransomware that is quickly gaining speed. cuteRansomware infects the computer by launching itself from a Google Doc and holds the command-and-control functionality. Once you have accessed and downloaded the Google Doc that contains the cuteRansomware, it can collect user data while going unnoticed. While this is a recent endeavor of hackers, it’s an indication that cloud services will continue to be seriously affected by ransomware.

With Google Apps in particular, the risk is increasingly high because, by default, Google uses HTTPS to transfer data between a browser and the website to which it is connected. The way that cuteRansomware operates, it’s easy to bypass traditional security solutions like firewalls that would normally protect your data during the transfer. cuteRansomware is using Google’s own security against them to attain the data.

While this is a very serious threat, there are ways to protect against ransomware attacks. Netskope stresses “the importance of anticipating an attack by identifying where sensitive content is in the cloud and ensuring backups of those important files.” With a solution like Datto’s Backupify, a cloud-to-cloud backup and recovery platform for Google Apps, ransomware is no longer a threat to your company’s data or security.

The Backupify solution has two features that help combat ransomware in particular. One of the features Backupify offers is a service called Point-In-Time Backup. PIT offers incremental backups that are taken frequently to create a series of recovery points. Backupify for Google Apps, for example, backs up your Google Apps data–including Docs, email, Drive, chat, Calendar, etc–a total of three times a day. Should your business get hit by ransomware at any point, you can roll-back your data to a point-in-time before the infection occurred. This way, you don’t need to pay the ransom to get your data back, and because you are restoring to a point-in-time before the ransomware infected your system, you can be certain everything is clean and the malware cannot be triggered again.

The second ransomware protection feature Backupify offers is an Unlimited Retention Policy, which allows users to store an unlimited amount of data in the Datto Cloud forever for a small incremental expense. How does this feature protect against ransomware? Because with unlimited data backup, you’ll always have a second copy of your data, thus never having to pay the ransom to get what could be your only copy back.

While ransomware is a serious and prevalent concern to the security of your business’ data, it is not the only threat. Do not let your company go unprotected, especially when there are solutions to prevent data security disasters.

Aside from a backup and recovery solution, the US Department of Homeland Security recommends the following to protect your business from a ransomware attack:

  • Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
  • Keep your operating system and software up-to-date with the latest patches. Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
  • Maintain up-to-date anti-virus software, and scan all software downloaded from the internet prior to executing.
  • Restrict users’ ability (permissions) to install and run unwanted software applications, and apply the principle of “Least Privilege” to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through the network.
  • Do not follow unsolicited Web links in emails.

To learn more about ransomware and how you should be protecting your business data, check out The Business Guide to Ransomware and The CryptoLocker Removal & Prevention Guide.

Sign up for our newsletter