Netskope has released the fifth edition of its Cloud and Threat Report, which covers the risks, threats and trends of cloud data throughout the quarter and highlights data indicating that cloud storage apps now account for more than 66% of cloud malware delivery.
The researchers behind the report said that cybercriminals deliver malware via cloud apps “to bypass blocklists and take advantage of any app-specific allow lists.”
Cloud service providers generally detect and remove most malware immediately, but some attackers have found ways to do significant damage in the short time they spend undetected in a system.
According to Netskope researchers, 35% of all workloads within AWS, Azure and GCP are also exposed to the public internet, with public IP addresses accessible from anywhere on the internet.
RDP servers – said to have become “a popular infiltration vector for attackers” – were exposed to 8.3% of the workload. Today, the average company, with 500 to 2,000 employees, uses 805 different apps and cloud services, 97% of which are “unmanaged and often freely adopted by business units and users.”
The company’s report says employees who leave an organization upload three times more data to their personal apps in their final month at the company.
The uploads leave business data exposed because much of it is uploaded to personal Google Drive and Microsoft OneDrive, which are frequent targets for cyberattackers. Netskope’s findings show that “15% either upload files that were copied directly from managed app instances or that violate a corporate data policy.”
The report illustrates the decline in risky browsing but also highlights the “growing danger of malicious Office documents” and cloud configurations as, particularly high-risk problems.
For more information, you may view the original story from ZDNet.
