Hackers can Access Dropbox, Google Drive Accounts without the User’s Password

1541 0

News reports suggesting that hackers could easily hijack user accounts for services from major file sync & share provides like Dropbox, Google Drive, Microsoft OneDrive and Box with only limited access to computers the programs run—without having access to user names and passwords. Not great news for the FSS industry. Aron Brand, CTO at CTERA commented on the hackers target dropbox, exposing risk of consumer sync and share.

Aron Brand, CTO at CTERA : 

“It shouldn’t come as a surprise that cloud-based file sync & share services result in new vulnerabilities – after all, the ‘attack surface’ (potential inroads for infiltration) is made considerably larger by virtue of the constant file traffic to and from the cloud, as well as file sharing between groups of users. Private, behind-the-firewall deployments are obviously a lot less vulnerable than public services to any attack. Additionally, enterprise can choose solutions that prevent tokens from being reusable on multiple endpoints – which, at least in this case, would make this “Man in The Cloud” attack impossible..”

cteraCTERA Networks bridges the gap between cloud storage and local storage, providing optimized performance and end-to-end security. Our solutions accelerate deployment of cloud services and eliminate the costs associated with file servers, backup servers and tape drives. Service providers and enterprises use CTERA to deliver services such as backup, file sync and share, managed NAS and cloud on-ramping, based on the cloud infrastructure of their choice.

If you are an expert on this topic:

Submit Your Expert Comments

In this article