
A few days ago I read some articles about free online file converter tools that are actually being used for nefarious purposes. The initial warning came from the FBI, which warns that these online “tools” are being used to load malware onto victims' machines, which can lead to ransomware attacks – FBI Denver Warns of Online File Converter Scam.
Ideally, these types of sites should be blocked in your organization. Not only are they a malware risk, but converting a file online (e.g. from a .doc to a .pdf) means uploading your information to a third party. As such, employees could inadvertently be exposing sensitive company data to cyber criminals. The issue is that blocking such sites is not straightforward, because they do not seem to have their own defined category for blocking through your firewall systems. Unlike file sharing sites such as Dropbox or OneDrive, which have their own category under “File Storage & Sharing”, if you are using Check Point systems these websites are simply categorized as “Computers / Internet”, which is far too broad.
So how can you protect your organization from this type of threat? Here are my top recommendations:
Implement a DLP Policy – This is a key security solution for reducing your risk of losing sensitive data. With a good DLP policy in place, your DLP solution should be monitoring for unauthorized sharing of your data in real time.
Use Company Portal – Make trusted conversion software that keeps data local available on your company portal. Ultimately this threat is a human issue, so as well as educating your workforce, make it easy for them to use software that your IT department has authorised. You could ensure your company's authorised conversion software is installed as standard during the build phase of your endpoints.
Education – As mentioned above, this is a human issue, so you could add this to your overall security training or, if you have an internal newsletter, send out a quick education piece. The likelihood is that most people simply do not realise how dangerous these simple file conversion sites can be.
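Because these sites sit in the broad “Computers / Internet” category, one way to find candidates for a custom block rule is to hunt web proxy logs for document-sized uploads to converter-style hostnames. The following is an added example, not part of the original post; the CSV log format, the hostname hints, the `.example` hosts and the function names are all assumptions to adapt to your own proxy export.

```python
import csv
import re
from collections import defaultdict

# Assumed hostname hints for converter-style sites; tune for your environment.
CONVERTER_HINT = re.compile(
    r"convert|(?:doc|docx|word|jpg|png)(?:2|to)pdf|pdf(?:2|to)(?:doc|word|jpg)", re.I)
BROAD_CATEGORY = "Computers / Internet"   # category named in the post
UPLOAD_METHODS = {"POST", "PUT"}

# Constructed sample log (not real traffic): time,user,method,host,category,bytes_sent
SAMPLE_LOG = """\
2025-03-20T09:01:11Z,alice,POST,free-pdf-convert.example,Computers / Internet,482113
2025-03-20T09:02:40Z,bob,GET,free-pdf-convert.example,Computers / Internet,310
2025-03-20T09:05:02Z,carol,POST,doc2pdf-online.example,Computers / Internet,1250044
2025-03-20T09:07:19Z,dave,POST,vendor-docs.example,Computers / Internet,900210
2025-03-20T09:09:55Z,alice,POST,files.example,File Storage & Sharing,700000
2025-03-20T09:12:30Z,erin,POST,free-pdf-convert.example,Computers / Internet,512
"""

def flag_converter_uploads(log_text, min_upload_bytes=10_000):
    """Return {host: [(user, bytes_sent), ...]} for likely document uploads
    to converter-style hosts that sit in the broad category."""
    hits = defaultdict(list)
    fields = ["time", "user", "method", "host", "category", "bytes_sent"]
    for row in csv.DictReader(log_text.splitlines(), fieldnames=fields):
        if row["category"] != BROAD_CATEGORY:
            continue          # other categories have their own rules
        if row["method"] not in UPLOAD_METHODS:
            continue          # browsing the site is not an upload
        if int(row["bytes_sent"]) < min_upload_bytes:
            continue          # too small to be a document body
        if CONVERTER_HINT.search(row["host"]):
            hits[row["host"]].append((row["user"], int(row["bytes_sent"])))
    return dict(hits)

def block_list_candidates(hits):
    """Hosts to review for a custom block rule, largest upload volume first."""
    return sorted(hits, key=lambda h: -sum(b for _, b in hits[h]))

if __name__ == "__main__":
    found = flag_converter_uploads(SAMPLE_LOG)
    for host in block_list_candidates(found):
        print(host, found[host])
```

The per-user results also show who to point at the authorised conversion software on the company portal.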