Your IT Consultant

Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.

Dropbox, Google Drive, One Drive Files Accessed without a User’s Password

August 17, 2015

It’s called a “man-in-the-cloud” attack, which exploits a common flaw in most cloud-based file synchronization services. The bad guys don’t even need your password to access the cloud data. This is not just a problem for consumers, but impacts business users as well. The attack works by grabbing a password token file on the user’s device. The token is saved so the user doesn’t have to enter their password each time. Once the token is obtained, another machine is used to impersonate the original one, thereby gaining access to the cloud data. Changing the password won’t help since the token is tied to the user’s device and you don't know you've been compromised in the first place.

The tradeoff is between security and usability. Enabling two factor authentication will help as well as notifications when a new computer or an unusual geographic location is detected.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com