Cloud & Threat Report: Most of The Malware Comes from Cloud Apps | Total Security

Cybercriminals are increasingly using trusted cloud apps for phishing and malware attacks

Not only companies are increasingly relying on the cloud, but attackers are also increasingly choosing this vector for distributing malware: While the number of cloud apps used per company has increased by 20 percent, 61 percent of the malware identified was via the cloud applications in the past year and services. These are the results of the new Cloud & Threat Report. For this purpose, anonymized data from millions of users of the Netskope Security Cloud platform was analyzed in the period from January 1 to December 31, 2020.

“Many companies believe that the greatest threat comes from lesser-known and obviously questionable cloud services. In fact, we see the greatest risks in known and trustworthy cloud apps that cybercriminals misuse for cloud phishing and malware delivery, ”explains Paolo Passeri, Cyber ​​Intelligence Principal at Netskope. “Security officers must therefore have transparency about the content and context of the use of cloud applications and be able to apply granular policy controls. This is the only way to ensure that the applications and services that are important for productivity can be used without exposing yourself to these risks. "

The Main Results

Cloud Use on The Rise.

In 2020, the number of cloud apps used per company rose by 20 percent. Companies with 500 to 2,000 employees use an average of 664 different cloud apps per month. Almost half of these applications are rated with a “poor” Cloud Confidence Index (CCI). This indicates to what extent apps and services are suitable for the professional environment.

 

The Delivery of Malware Continues to Move to The Cloud.

In 2020, 61 percent of malware was distributed via cloud apps. In the previous year, it was 48 percent.

 

The Widespread Use of Cloud Apps in Businesses Makes Them a Popular Target for Phishing Attacks.

Cloud apps are now the target of every third (36%) phishing campaign. While the majority of phishing lures are still hosted on traditional websites, attackers are increasingly using cloud apps to gain a foothold in businesses.

The Volume of Malicious Microsoft Office Documents Increased by 58 Percent.

Attackers are increasingly using Office documents as Trojans to spread additional payloads, including ransomware and backdoors. By providing them via cloud apps, traditional email and web security solutions can often be bypassed. Correspondingly, malicious Office documents made up 27 percent of all malware downloads that were detected and blocked by the Netskope Security Cloud.

 

Sensitive Data Is Increasingly Being Stored in Personal Apps.

With the increasing merging of work and private life in the home office, personal app instances are increasing in the company: 83 percent of employees access personal app instances on company devices. The average business user uploads 20 files from these managed devices to personal apps every month. Using private instances also increases the risk of data protection breaches significantly.

Find the best-advanced malware protection like Protegent Total Security to prevent any malware activity.