File-Sharing Platforms Facilitate Cyberattack Dissemination

In today's interconnected digital landscape, file-sharing platforms like Dropbox have become indispensable tools for seamless collaboration and information sharing. However, the convenience of this facilitated interconnectedness comes hand in hand with cybersecurity vulnerabilities. Consequently, the accompanying risks have emerged as a favored access point into organization’s servers for cybercriminals, according to a Kaspersky report.

Kaspersky´s study reveals that cybercriminals are exploiting file-sharing platforms like Dropbox and Yandex Disk to easily distribute infected files or links, thereby jeopardizing the security of users and the organization’s network. Moreover, the investigation uncovered a series of planned cyberattacks aimed at creating embedded, stealth channels to steal confidential data. This approach not only allows cybercriminals to access the organization’s system remotely, but also enables them to maintain malicious network control over an extended period of time.

"We cannot underestimate the significant risks that targeted [file-sharing] attacks pose to industrial sectors. As organizations continue to digitize their operations and rely on interconnected systems, the potential consequences of successful attacks on critical infrastructure are becoming unavoidable," says Kirill Kruglov, Senior Security Researcher, Kaspersky. In fact, a recent report led by Quest Software revealed that 40% of enterprises say that a single hour of downtime could cost between US$1 million to over US$5 million, highlighting the severity of the situation.

The cyberattacks detailed in Kaspersky’s report revolved around new iterations of the FourteenHi malware. Registered in 2021 during the ExCone campaign targeting government entities, this malware strain has evolved into a family of sophisticated cyberthreats targeting the digital infrastructure of global industrial organizations. 

Nevertheless, internal actors can also compromise an organization’s cybersecurity without the incidence of a successful external threat. In these cases, employees of a file-sharing organization can inadvertently expose sensitive data within their own file-sharing platforms, effectively facilitating the compromise of the company’s servers and networks. To curb internal compromises, industrial organizations should consider more robust access controls and effective employee cybersecurity training. 

To address these cybersecurity risks, users can adopt several proactive strategies. In fact, Kaspersky advises industrial organizations to conduct penetration tests and vulnerability assessments in a periodic manner to identify potential cybersecurity risks within their systems. Moreover, updating key components within digital networks and applying security patches regularly can also help prevent major disruptions. Finally, carrying out cybersecurity training programs for employees can also function as a preventive measure against future cyberthreats. 

As Mexico embraces digitalization, it must also bolster its cybersecurity defenses. The insights gathered from global incidents can serve as a blueprint for safeguarding the country's critical industries. By adopting proactive cybersecurity strategies and investing in employee training, Mexican businesses can preemptively mitigate cyber risks and contribute to the nation's secure digital evolution.