[ad_1]
Experts have revealed a method for hackers to steal data from people’s Google Drive accounts without leaving any trace of the files they got away with.
Cybersecurity researchers at Mitiga Security claim that the problem lies in the fact that for users without a paid license for Google Workspace, nothing is logged and nothing is logged that the user does in their personal drive. There is no record of the work either.
This means that should a threat actor compromise a cloud storage account, they can easily revoke their paid license, revert the account to a “Cloud Identity Free”, cost-free license, and You can turn off any logging or record-taking features. After that, they’ll be able to exfiltrate any and all files without leaving a trace. The only thing an admin will see later is that someone has canceled the paid license.
lack of control
Mitiga says it notified Google of its findings, which has yet to respond.
Identifying which files were taken during a data breach is an essential part of any post-mortem or hacking forensics process. This helps victims determine what type of data was taken, and thus conclude whether there is a threat of potential identity theft, wire fraud, or the like.
Proper logging is also one of the standard ways for IT teams to track down potential intrusions before they are able to cause any serious damage.
Via: Silicon Angle










