Cloud apps are increasingly being used to deliver malware

More than half of all malware is now delivered using cloud apps

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

As businesses continue to move more of their workloads to thecloud, cybercriminals are increasingly using cloud apps to delivermalwarein an effort to evade legacy security defenses, according to new research from Netskope.

To compile the February 2021 edition of itsCloud and Threat Report, the firm used anonymized data from millions of its users collected from the Netskope Security Cloud platform over the course of last year.

During the shift toworking from homeduring the pandemic in 2020, the number of cloud apps in use per organization increased by 20 percent. According to the report, organizations with 500 to 2,000 employees now use 664 distinct cloud apps on average each month. However, of these apps, nearly half have a “Poor” rating in Netskope’s Cloud Confidence Index which is used to determine a cloud service’s enterprise readiness.

Threat research director at Netskope, Ray Canzanese provided further insight on why cybercriminals are now targeting cloud apps in apress release, saying:

“Cybercriminals increasingly abuse the most trusted and popular cloud apps, especially for cloud phishing and cloud malware delivery. Enterprises using the cloud need to quickly modernize and extend their security architectures to understand data content and context for apps, cloud services, and web user activity.”

Rise in cloud-based attacks

Netskope’s research found that 61 percent of all malware is now delivered usingcloud appswhich is up from 48 percent year-over-year.

At the same time though, the popularity of cloud apps in the enterprise has made them a target forphishing attacksas well with cloud services now being the target of one in three (36%) phishing campaigns. However, while the majority of phishing lures are still hosted on traditional websites, attackers are increasingly using cloud apps in order to gain footholds in organizations.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The report also found that the volume of maliciousMicrosoft Officedocuments has increased by 58 percent as cybercriminals are now using malicious Office documents as Trojans to deliver next stage payloads such asransomwareand backdoors. In fact, malicious Office documents represent 27 percent of all the malware downloads detected and blocked by the Netskope Security Cloud.

Finally, the amount of sensitive data stored in personal apps is growing as work and home life continue to blend as a result of remote working. Netskope found that 83 percent of users access personal app instances on their corporate devices and this greatly increases the likelihood of data being mishandled or leaked online.

While the cloud is convenient, organizations need to be aware of the risks and dangers increased cloud usage poses to both their businesses and their employees.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Professionals are facing “tech overload” as they try to juggle multiple devices in the workplace