Google Drive accounted for the most malware downloads from cloud storage sites in 2021


Google took the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.


Illustration: Andy Wolber/TechRepublic

The more that cybercriminals can take advantage of a legitimate service, the greater their chances of tricking people into falling for their scams. That's why popular services from the likes of Google and Microsoft are exploited in malicious attacks. In fact, Google Drive ended 2021 as the most abused cloud storage service for malware downloads, according to security provider Netskope.


In its "January 2022 Cloud and Threat Report" released Tuesday, Netskope noted that cloud storage apps gained even greater adoption in 2021. For the year, 79% of the customers analyzed used at least one cloud storage app, up from 71% in 2020. The number of cloud storage apps in use also rose. Organizations with 500 to 2,000 employees used 39 different cloud storage apps last year, up from 35 the prior year.

This increased use of cloud applications has naturally attracted cybercriminals, who have eagerly abused these apps to deploy malware. For 2021, cloud storage apps accounted for 69% of cloud-based malware downloads, down only slightly from 72% in 2020. These services are ready-made targets for exploitation, as attackers can easily create free accounts, upload their malicious payloads and then share malicious documents with potential victims.

For the year, Google Drive took the top spot from Microsoft OneDrive as the cloud storage app with the greatest number of malicious downloads, accounting for 37% of them. OneDrive fell to second place with 20% of the recorded malware downloads. Rounding out the top five were SharePoint with 9%, Amazon S3 with 6% and GitHub with 3%.

Last year's results contrast with those of 2020, in which OneDrive was the most exploited cloud storage app for malicious downloads with 29%, followed by Box with 17%, Amazon S3 with 15%, SharePoint with 13% and Google Drive with just 9%.

Beyond evidence of Google's growing popularity, there are other reasons why Google Drive surpassed other services in malware downloads last year, according to Netskope. In 2020, the Emotet botnet used Box to deliver most of the malicious Office document payloads. But with Emotet taken down by global law enforcement in early 2021, this activity was dormant for most of the year. To pick up the slack, attackers trying to duplicate the success of Emotet turned to Google Drive to share malicious Office documents.

With cloud-based storage apps such a tempting target for exploitation, how can individuals and organizations protect themselves against malicious documents? Netskope offers the following tips:

  1. Use single sign-on (SSO) and multi-factor authentication (MFA) for both managed and unmanaged apps. Implement adaptive policy controls for step-up authentication based on user, device, app, data and activity.
  2. Implement multi-layered, inline threat protection for all cloud and web traffic to block malware from reaching your endpoints and to prevent outbound malware communications.
  3. Set up granular policy controls to protect your data. Such controls should track and manage data moving to and from apps as well as between your organization and personal instances, including IT, users, websites, devices and locations.
  4. Use cloud data protection to secure sensitive data from internal and external threats across web, email, SaaS, shadow IT and public cloud services. Adopt security posture management for Software as a Service (SaaS) and Identity as a Service (IaaS) models.
  5. Set up behavioral analysis to scan for insider threats, data exfiltration, compromised devices and compromised credentials.

"The growing popularity of cloud apps has given rise to a few types of abuse described in this report: attackers trying to gain access to victim cloud apps, attackers abusing cloud apps to deliver malware, and insiders using cloud apps for data exfiltration," Netskope Threat Labs threat research director Ray Canzanese said in a press release. "The report serves as a reminder that the same apps that you use for legitimate purposes will probably be attacked and abused. Locking down cloud apps can help to prevent attackers from infiltrating them, while scanning for incoming threats and outgoing data can help block malware downloads and data exfiltration."
