Report: Majority of malware downloads in 2021 were traced to cloud apps

Did you miss a session from the Future of Work Summit? Head over to our Future of Work Summit on-demand library to stream.

According to a new report by Netskope, more than two-thirds of malware downloads came from cloud apps in 2021.

Examining changes in the malware landscape in 2021, the report highlights that attackers are enjoying more success abusing cloud apps to deliver malware payloads to their victims. For example, in Q2 2020, Netskope saw a sudden spike in malicious Office documents driven primarily by Emotet, which launched a large-scale and highly effective mal-spam campaign that delivered malicious Office documents using popular cloud apps. Since then, copycat groups have continued to abuse Office documents to deliver malware, and the quantity of malicious documents remains high above pre-Emotet levels.

Credential attacks against managed cloud apps continue at the same rate as 2020, but with a shift in the sources of the attacks. The top source of credential attacks in 2020 were a few heavy hitters responsible for numerous login attempts. In 2021, however, credential attacks came from a much larger number of sources, each responsible for fewer login attempts.

Finally, Netskope analyzed a different type of data risk — insider threats. In 2021, Netskope observed users leaving their jobs at twice the rate of 2020. Users leaving the organization pose a serious data security risk, with more than one out of every seven people using personal cloud storage apps to take data with them when they leave. The report examines how cloud storage apps’ overall popularity among users is a primary driver for their appearance at the top of the malware download and insider threat leaderboards.

Read the full report by Netskope.

Originally appeared on: TheSpuzz