Cloud apps are increasingly being used to deliver malware

Malware Magnifying Glass
(Image credit: Andriano.cz / Shutterstock)

As businesses continue to move more of their workloads to the cloud, cybercriminals are increasingly using cloud apps to deliver malware in an effort to evade legacy security defenses, according to new research from Netskope.

To compile the February 2021 edition of its Cloud and Threat Report, the firm used anonymized data from millions of its users collected from the Netskope Security Cloud platform over the course of last year.

During the shift to working from home during the pandemic in 2020, the number of cloud apps in use per organization increased by 20 percent. According to the report, organizations with 500 to 2,000 employees now use 664 distinct cloud apps on average each month. However, of these apps, nearly half have a “Poor” rating in Netskope's Cloud Confidence Index which is used to determine a cloud service's enterprise readiness.

Threat research director at Netskope, Ray Canzanese provided further insight on why cybercriminals are now targeting cloud apps in a press release, saying:

"Cybercriminals increasingly abuse the most trusted and popular cloud apps, especially for cloud phishing and cloud malware delivery. Enterprises using the cloud need to quickly modernize and extend their security architectures to understand data content and context for apps, cloud services, and web user activity."

Rise in cloud-based attacks

Netskope's research found that 61 percent of all malware is now delivered using cloud apps which is up from 48 percent year-over-year.

At the same time though, the popularity of cloud apps in the enterprise has made them a target for phishing attacks as well with cloud services now being the target of one in three (36%) phishing campaigns. However, while the majority of phishing lures are still hosted on traditional websites, attackers are increasingly using cloud apps in order to gain footholds in organizations.

The report also found that the volume of malicious Microsoft Office documents has increased by 58 percent as cybercriminals are now using malicious Office documents as Trojans to deliver next stage payloads such as ransomware and backdoors. In fact, malicious Office documents represent 27 percent of all the malware downloads detected and blocked by the Netskope Security Cloud.

Finally, the amount of sensitive data stored in personal apps is growing as work and home life continue to blend as a result of remote working. Netskope found that 83 percent of users access personal app instances on their corporate devices and this greatly increases the likelihood of data being mishandled or leaked online.

While the cloud is convenient, organizations need to be aware of the risks and dangers increased cloud usage poses to both their businesses and their employees.

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.