News reports suggesting that hackers could easily hijack user accounts for services from major file sync & share provides like Dropbox, Google Drive, Microsoft OneDrive and Box with only limited access to computers the programs run—without having access to user names and passwords. Not great news for the FSS industry. Aron Brand, CTO at CTERA commented on the hackers target dropbox, exposing risk of consumer sync and share.
[su_note note_color=”#ffffcc” text_color=”#00000″]Aron Brand, CTO at CTERA :
“It shouldn’t come as a surprise that cloud-based file sync & share services result in new vulnerabilities – after all, the ‘attack surface’ (potential inroads for infiltration) is made considerably larger by virtue of the constant file traffic to and from the cloud, as well as file sharing between groups of users. Private, behind-the-firewall deployments are obviously a lot less vulnerable than public services to any attack. Additionally, enterprise can choose solutions that prevent tokens from being reusable on multiple endpoints – which, at least in this case, would make this “Man in The Cloud” attack impossible..”[/su_note][su_box title=”About CTERA” style=”noise” box_color=”#336588″]