Netskope, a leader in Secure Access Service Edge (SASE), just released new research that shows over 400 cloud apps delivered malware in 2022. This is nearly three times as many as last year.
Malware downloads from cloud apps have gone up in Australia and Europe by 10% and 11%, respectively. This means that there are more malware downloads from cloud apps than from websites.
Netskope researchers also found that 30% of all cloud malware downloads in 2022 came from Microsoft OneDrive.
What’s going on and why?
Businesses use cloud apps a lot, and attackers know this. They see these apps as a great place to put malware and do harm.
Ray Canzanese, Threat Research Director at Netskope Threat Labs, said, “Attackers are using business-critical cloud apps more and more to send malware by getting around weak security controls.”
“That’s why it’s so important for more companies to check all HTTP and HTTPS traffic, including traffic for popular cloud apps, both for business and for personal use, for malicious content.”
Also read: CBA research shows the average Australian receives over 250 scam attempts a year
More uploads to cloud apps means more downloads of malware
In 2022, more users uploaded content to the cloud than in 2021. 25% of people globally submitted documents everyday to Microsoft OneDrive, 7% to Google Gmail, and 5% to Microsoft Sharepoint.
Nearly a third of all cloud malware downloads came from Microsoft OneDrive. Weebly and GitHub were the next closest cloud apps, with 8.6% and 7.6%, respectively.
Cloud-delivered malware is becoming more popular than web-delivered malware
Post-Covid, industries have become more reliant on cloud apps and cloud infrastructure to run their businesses. There is also a worldwide shift towards hybrid work.
As a result, cloud-delivered malware is now responsible for a much higher percentage of all malware delivery than it was before.
In 2022, the overall percentage of cloud-delivered malware was much higher than it was in 2021 in a number of places, including:
- Australia (50% in 2022, as opposed to 40% in 2021)
- Europe (42% in 2022, compared with 31% in 2021)
- Africa (42% in 2022, compared with 35% in 2021)
- Asia (45% in 2022, compared to only 39% in 2021)
In some industries, cloud-delivered malware has also become more common around the world, especially:
- Telecom (81% in 2022 versus 59% in 2021)
- Manufacturing (36% in 2022 versus 17% in 2021)
- Retail (57% in 2022 versus 47% in 2021)
- Healthcare (54% in 2022 versus 39% in 2021)
Related read: The next generation of phishing attacks could come with unexpected delivery methods. Are we prepared?
Cyber preparedness: adjusting security for the remote workforce
Netskope recommends that organisations take the following steps to avoid an increased risk of security incidents caused by cloud and web-delivered malware:
- Use fine-grained policy controls to limit the flow of data to and from apps, between company and personal instances, between users, and to and from the web. Adapt the policies based on the device, location, and risk
- Set up multi-layered, in-line threat protection for all cloud and web traffic to stop both malware coming in and malware going out
- Set up multi-factor authentication for unmanaged enterprise apps
