Threat Actors Deliver Most Malware via Trusted Cloud Applications

21
Threat Actors Deliver Most Malware via Trusted Cloud Applications

The pandemic-induced digital work ecosystem observes that the threat actors exploit the trusted cloud solutions and applications to conduct cloud malware delivery and phishing attacks – reveals a new Netskope study.

Today, cyber attackers are increasingly abusing the popular cloud solutions in order to evade legacy security defenses – placing humungous critical enterprise data and information at risk. Indeed, data risks and emerging cyber threats are in the spotlight.

Given the widespread trend towards digitization, there has been continued growth of malware and other attacks – delivered by cloud apps. The potential for essential data exfiltration tied to employees departing from their jobs is among increasing cloud application security risks.

With cloud solutions utilization on the rise, a recent Netskope study, titled “Netskope Cloud and Threat Report“, reveals that the number of cloud applications in use per company increased by 20% in 2020. Now, organizations with 500-2,000 employees use 664 various cloud applications (on average) per month. Out of these apps, almost 50% have a flawed Cloud Confidence Index (CCI).

Also Read: Most Enterprises Encountered Serious Cloud Security Breach or Leak last Year

The threat actors can thus exploit the trusted cloud solutions and apps – especially for cloud malware delivery as well as cloud phishing. The study found that malware delivery continues to shift into the cloud environment. In reality, almost 61% of the malware is distributed via a cloud application, which is up from 48% YOY.

Indeed, the widespread acceptance of enterprise cloud apps makes them a significant aim for phishing attacks. Cloud apps are the target of roughly 36% of phishing campaigns at present, while most of the phishing lures are still on traditional websites.

As a result, cyber attackers are using cloud apps more than ever to hold grips in the enterprise landscape. Lately, the volume of malicious attacks through Microsoft office docs has increased by approximately 58% since threat actors increasingly use malicious documents as Trojans. This helps them to deliver the following stage contents, including backdoors and ransomware.

Moreover, with the help of cloud app delivery to evade web defenses and legacy email, the malicious Office documents take over almost 27% of all the malware downloads blocked and detected. It is also happening as sensitive data in personal applications continues to grow.

Also Read: SD-WAN Solutions to the Rescue of IT Leaders

For instance, work and home time continue to mix up in the remote workforce environment. Personal application instances within the enterprise have increased – with almost 83% of people accessing their personal applications on their corporate devices.

In fact, the average enterprise user usually uploads 20 files into their apps each month from these managed devices. Private application practice in the enterprise landscape dramatically increases the possibility of data being leaked or mishandled.

As explained by Ray Canzanese, Threat Research Director at Netskope, in the company blog post – “Enterprises using the cloud need to quickly modernize and extend their security architectures to understand data content and context for apps, cloud services, and web user activity.”

For more such updates follow us on Google News ITsecuritywire News