Google Drive accounted for the most malware downloads from cloud storage sites in 2021

Google took the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.

Illustration: Andy Wolber/TechRepublic

The more that cybercriminals can take advantage of a legitimate service, the greater their chances of tricking people into falling for their scams. That is why popular services from the likes of Google and Microsoft are exploited in malicious attacks. In fact, Google Drive ended 2021 as the most abused cloud storage service for malware downloads, according to security provider Netskope.

In its “January 2022 Cloud and Threat Report” released Tuesday, Netskope noted that cloud storage apps gained even greater adoption in 2021. For the year, 79% of the customers analyzed used at least one cloud storage app, up from 71% in 2020. The number of cloud storage apps in use also rose. Organizations with 500 to 2,000 employees used 39 different cloud storage apps last year, up from 35 the prior year.

This increased use of cloud applications has naturally excited cybercriminals, who’ve eagerly abused these apps to deploy malware. For 2021, cloud storage apps accounted for 69% of cloud-based malware downloads, down only slightly from 72% in 2020. These services are ready-made targets for exploitation as attackers can easily create free accounts, upload their infectious payloads and then share malicious documents with potential victims.

For the year, Google Drive took the top spot from Microsoft OneDrive as the cloud storage app with the greatest number of malicious downloads, accounting for 37% of them. OneDrive fell to second place with 20% of the recorded malware downloads. Rounding out the top five were SharePoint with 9%, Amazon S3 with 6% and GitHub with 3%.

Last year’s results contrast with those of 2020, in which OneDrive was the most exploited cloud storage app for malicious downloads with 29%, followed by Box with 17%, Amazon S3 with 15%, SharePoint with 13% and Google Drive with just 9%.

Beyond evidence of Google’s growing popularity, there are other reasons why Google Drive surpassed other services in malware downloads last year, according to Netskope. In 2020, the Emotet botnet used Box to deliver most of the malicious Office document payloads. But with Emotet taken down by global law enforcement in early 2021, this activity was dormant for most of the year. To pick up the slack, attackers trying to duplicate the success of Emotet turned to Google Drive to share malicious Office documents.

With cloud-based storage apps such a tempting target for exploitation, how can individuals and organizations protect themselves against malicious documents? Netskope offers the following tips:

  1. Use single sign-on (SSO) and multi-factor authentication (MFA) for both managed and unmanaged apps. Implement adaptive policy controls for step-up authentication based on user, device, app, data and activity.
  2. Implement multi-layered, inline threat protection for all cloud and web traffic to block malware from reaching your endpoints and to prevent outbound malware communications.
  3. Set up granular policy controls to protect your data. Such controls should monitor and manage data moving to and from apps as well as between your organization and personal instances, including IT, users, websites, devices and locations.
  4. Use cloud data protection to secure sensitive data from internal and external threats across web, email, SaaS, shadow IT and public cloud services. Adopt security posture management for Software as a Service (SaaS) and Identity as a Service (IaaS) models.
  5. Set up behavioral analysis to scan for insider threats, data exfiltration, compromised devices and compromised credentials.

“The rising popularity of cloud apps has given rise to a few types of abuse described in this report: attackers trying to gain access to victim cloud apps, attackers abusing cloud apps to deliver malware, and insiders using cloud apps for data exfiltration,” Netskope Threat Labs threat research director Ray Canzanese said in a press release. “The report serves as a reminder that the same apps that you use for legitimate purposes can be attacked and abused. Locking down cloud apps can help to prevent attackers from infiltrating them, while scanning for incoming threats and outgoing data can help block malware downloads and data exfiltration.”
