Jump to content
  • This Google Workspace security flaw could let hackers quietly steal your Drive files

    aum

    • 310 views
    • 2 minutes
     Share


    • 310 views
    • 2 minutes

    Logging feature is only reserved for paid Google Workspace accounts

     

    Experts have uncovered a method for hackers to steal data from people’s Google Drive accounts without leaving any trace of the files they got away with.

     

    Cybersecurity researchers from Mitiga Security have published findings claiming the problem lies in the fact that for users without a paid license for Google Workspace, nothing is logged and there are no records of any actions a user might make in their private drive.

     

    That means should a threat actor compromise a cloud storage account, they could easily revoke their paid license, bringing the account back to the “Cloud Identity Free”, costless license, and thus turning off any logging or record-taking features. After that, they’d be able to exfiltrate any and all files without leaving a single trace. The only thing an admin would later see is that someone revoked a paid license.


    Lacking controls

     

    Mitiga says it notified Google of its findings, who is yet to respond.

     

    Identifying which files were taken during a data breach is an essential part of any post-mortem or hacking forensics process. It helps the victims determine what type of data was taken, and thus conclude if there is any danger of potential identity theft, wire fraud, or similar.

     

    Proper logging is also one of the standard ways for IT teams to keep track for potential incursions before they are able to cause any serious damage.

     

    Source

    • Like 2

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...