The number of cloud applications used to deliver malware almost tripled in 2022 as users face an increasingly dangerous cyber threat landscape.
Hackers used more than 400 “distinct” cloud apps to target users with malware in 2022, according to research from Netskope. The firm warned that this increase reflects a growing trend in cloud security threats. OneDrive was one of the apps most commonly abused by threat actors.
Across 2022 there was a “drastic increase” in the number of users uploading content to the cloud, Netskope said, which presented attackers with a growing pool of prospective targets.
“Cloud apps are widely used by businesses, a fact not lost on attackers, which view these apps as an ideal home for hosting malware and causing harm,” the company said.
OneDrive accounted for over 25% of global user uploads, while Google Gmail and Microsoft SharePoint saw a 7% and 5% increase in usage, respectively. As a result, Netskope said it observed a “sizeable” increase in cloud malware downloads over the year, which came in stark contrast to the previous two years.
OneDrive accounted for 30% of all cloud-based malware delivery, the study found, while Weebly and GitHub were also key platforms exploited by threat actors to deliver malicious files. OneDrive's prominence as a malware delivery platform marks a change from previous Netskope research. In 2021, Google Drive was the go-to cloud app for delivering malicious software.
“Attackers are increasingly abusing business-critical cloud apps to deliver malware by bypassing inadequate security controls,” said Ray Canzanese, research director at Netskope.
“That is why it is imperative that more organizations inspect all HTTP and HTTPS traffic, including traffic for popular cloud apps, both company and personal instances, for malicious content.”
A concerning observation from the Cloud Threat Report also highlighted the growing popularity of cloud-delivered malware compared to web-based attacks. Across 2022, cloud applications accounted for 48% of malware delivery, marking a 10% increase on the previous year – and this is expected to continue.
The growing reliance on cloud applications and infrastructure across various industries has accelerated this trend. According to the study, this was driven by the rapid shift to remote and hybrid operations in the wake of the pandemic.
“Cloud-delivered malware is now responsible for a much higher percentage of all malware delivery than ever before, especially in certain geographic regions and industries,” the firm said.
The global telecoms industry saw a rapid increase in the volume of malware attacks last year, with 81% of attacks cloud-based compared to 59% in the previous year. The manufacturing, retail and healthcare industries also witnessed a surge in cloud-delivered malware attacks.