MSPmentor Blog
 CryptoWall 2.0, Cloud Backup and the Do-It-Yourself Customer


One of the side effects of the consumerization of IT is that some end customers are feeling more empowered than ever to take IT matters into their own hands rather than seek the help of IT solution providers. This is especially true when it comes to cloud services, where business owners (or their employees) can self-install a cloud backup product and instantly have access to 5 GB or more of free cloud storage. Even if business owners aren't actively involved in using or promoting DIY (do-it-yourself) cloud services, research shows their employees are. A study from Skyhigh Networks, which monitors the use of cloud services for businesses, found that the average enterprise uses 545 cloud services, which is approximately 500 more than the average CIO is aware of!

Besides the loss of control of corporate data, DIY cloud services play into the hands of cybercriminals who exploit business owners through ransomware. Like other malware, ransomware infects corporate networks through unpatched computers or when a user clicks on an infected email attachment. Once launched, the ransomware program encrypts common user files on the network--such as documents, spreadsheets and database files--and the victim is required to pay a ransom to decrypt the files.

Consumer cloud services inadvertently extend the reach of ransomware by spreading the malware to the cloud and potentially infecting all users connected to the same shared files and folders. This means that a company could infect not only everyone connected to its local area network, but employees and business associates at other locations, as well. 

Saving Customers From CryptoWall 2.0’s Clutches

Sharing real-world anecdotes and examples is one way to get customers to see the downside of consumer cloud services.

Here's one example that our partner Dan Edwards, president and CEO of Pact-One, shared regarding a prospect at a professional services organization.

Six employees within the company were sharing a freemium consumer cloud account where they regularly collaborated on spreadsheets and stored marketing materials and other important company documents. Each employee had full read-write privileges.

One of the employees opened an email attachment claiming to be a UPS delivery notification regarding something he ordered online. Unfortunately, the attachment contained an executable file that launched the CryptoWall 2.0 virus. In addition to encrypting every important file on the employee’s laptop, it encrypted his shared cloud folder, including all 200-plus files used by him and the other employees.

Making matters worse, the consumer cloud application detected the file changes and updated them to the cloud, which in turn updated all the computers linked to the shared cloud account. After wasting several hours before realizing there was no way to fix the problem, the president of the company logged into the cloud account and researched how to perform a rollback on the cloud files. Luckily, the consumer cloud provider did maintain multiple versions of each file, but there was a caveat: Each file had to be individually rolled back to the previous state.

When it comes to talking to customers about threats like CryptoWall 2.0, there’s no need to resort to scare tactics or embellishments--the facts speak for themselves. According to security researchers from Dell SecureWorks, more than 830,000 victims worldwide have been infected with CryptoWall 2.0, just like the employees at the professional services firm mentioned earlier. What’s more, between August and October 2014, the number of CryptoWall infections grew 25 percent, which adds further perspective on how serious a problem this ransomware virus has become.

No malware education is complete, however, without sharing how DIY freemium cloud services are playing right into CryptoWall’s clutches. As part of a holistic security strategy, your customers should have policies in place (ideally, with your help) that restrict the applications and devices that can be downloaded, connected to and installed on their networks. And they shouldn’t leave it to chance that every employee will follow these policies--they need to use managed security solutions that can detect and shut down threats before they’re unleashed on their networks.

Don’t Overlook the Human Error Factor in Security Planning

Following the advice outlined above will significantly minimize customers’ security threats, but there’s always the human error factor that must be accounted for—the factor that prevents even the best security software and policies from being failsafe. Fortunately, this, too, can be mitigated with an enterprise-grade cloud BDR solution.

In the real-world example shared earlier, the professional services organization that was using the "free" cloud service lost more than 15 hours of time among its employees after accounting for downtime, time spent trying to fix the problem, and the various workarounds used while waiting for the files to be restored. An enterprise cloud BDR solution would have reduced this client’s downtime to less than 30 minutes. In addition to offering more granular data recovery and the ability to automate many of the steps that eat up so much time with freemium recovery solutions, an enterprise cloud BDR solution can protect data with high-level (such as AES) encryption, and it can enable an entire company’s IT assets to be monitored and managed from a single portal. And the real surprise to many end users is that an enterprise cloud BDR solution can offer all these aforementioned services and more--for a monthly fixed rate that’s quite affordable.

Achmad Chadran is Senior Product Marketing Manager at Intronis. He has held a variety of positions at IT and high-tech companies, including industry analyst, market consultant and product marketing manager. Achmad has a bachelor’s degree from the University of Virginia and a master’s degree from Ohio University.
