The range of cloud programs made use of to deliver malware almost tripled in 2022 as users encounter an progressively unsafe cyber threat landscape.
A lot more than 400 “distinct” cloud applications were utilized to focus on customers with malware throughout the 12 months, according to study from Netskope, with OneDrive highlighted as the most frequently abused app by menace actors.
This raise displays a increasing trend in cloud security threats, the business warned.
Throughout 2022 there was a “drastic increase” in the quantity of users uploading content to the cloud, Netskope mentioned, which offered attackers with a developing pool of potential targets.
“Cloud applications are broadly used by organizations, a simple fact not misplaced on attackers, which watch these applications as an excellent house for hosting malware and causing hurt,” the corporation explained.
OneDrive accounted for about 25% of worldwide user uploads although Google Gmail and Microsoft SharePoint saw a 7% and 5% in enhance in utilization respectively.
As a consequence, Netskope said it observed a “sizeable” improve in cloud malware downloads about the class of the yr, which came in stark distinction to the two many years prior.
OneDrive accounted for 30% of all cloud-primarily based malware delivery, the study observed, while Weebly and GitHub ended up also crucial platforms exploited by risk actors to supply malicious information.
OneDrive’s popularity as a commonly used platform to deliver malware marks a adjust in comparison to former exploration from Netskope. In 2021, Google Drive was determined as the go-to cloud app to produce destructive computer software.
“Attackers are ever more abusing business enterprise-critical cloud apps to supply malware by bypassing insufficient security controls,” reported Ray Canzanese, investigate director at Netskope.
“That is why it is vital that more organisations inspect all HTTP and HTTPS website traffic, such as targeted visitors for well-known cloud applications, both corporation and own occasions, for destructive written content.”
Cloud-delivered malware is surging
A concerning observation from the Cloud Menace Report also highlighted the developing level of popularity of cloud-delivered malware in comparison to web-based attacks.
Throughout 2022, cloud applications accounted for 48% of malware shipping, marking a 10% maximize on the calendar year past – and this is anticipated to proceed.
The developing reliance on cloud programs and infrastructure throughout a host of industries has accelerated this craze, the analyze identified, and was fuelled by the immediate shift to distant and hybrid operations in the wake of the pandemic.
“Cloud-delivered malware is now responsible for a substantially higher percentage of all malware delivery than at any time before, specially in particular geographic locations and industries,” the organization explained.
The worldwide telecoms market noticed a immediate improve in the volume of malware attacks last calendar year, with 81% of attacks cloud-dependent compared to 59% in the calendar year past.
The producing, retail and healthcare industries also witnessed a surge in cloud-delivered malware attacks.
Some components of this report are sourced from: