Google took implicit the apical spot for malicious downloads from Microsoft OneDrive arsenic attackers created escaped accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.
The much that cybercriminals tin instrumentality vantage of a morganatic service, the amended their chances of tricking radical into falling for their scams. That's wherefore fashionable services from the likes of Google and Microsoft are exploited successful malicious attacks. In fact, Google Drive ended 2021 arsenic the astir abused unreality retention work for malware downloads, according to information supplier Netskope.
SEE: Social engineering: A cheat expanse for concern professionals (free PDF) (TechRepublic)
In its "January 2022 Cloud and Threat Report" released Tuesday, Netskope noted that unreality retention apps gained adjacent greater adoption successful 2021. For the year, 79% of the customers analyzed utilized astatine slightest 1 unreality retention app, up from 71% successful 2020. The fig of unreality retention apps successful usage besides rose. Organizations with 500 to 2,000 employees utilized 39 antithetic unreality retention apps past year, up from 35 the anterior year.
This accrued usage of unreality applications has people excited cybercriminals, who person eagerly abused these apps to deploy malware. For 2021, unreality retention apps accounted for 69% of cloud-based malware downloads, down lone somewhat from 72% successful 2020. These services are ready-made targets for exploitation arsenic attackers tin easy make escaped accounts, upload their infectious payloads and past stock malicious documents with imaginable victims.
For the year, Google Drive took the apical spot from Microsoft OneDrive arsenic the unreality retention app with the top fig of malicious downloads, accounting for 37% of them. OneDrive fell to 2nd spot with 20% of the recorded malware downloads. Rounding retired the apical 5 were SharePoint with 9%, Amazon S3 with 6% and GitHub with 3%.
Last year's results opposition with those of 2020, successful which OneDrive was the astir exploited unreality retention app for malicious downloads with 29%, followed by Box with 17%, Amazon S3 with 15%, SharePoint with 13% and Google Drive with conscionable 9%.
Beyond grounds of Google's expanding popularity, determination are different reasons wherefore Google Drive surpassed different services successful malware downloads past year, according to Netskope. In 2020, the Emotet botnet utilized Box to present astir of the malicious Office papers payloads. But with Emotet taken down by planetary instrumentality enforcement successful aboriginal 2021, this enactment was dormant for astir of the year. To prime up the slack, attackers trying to duplicate the occurrence of Emotet turned to Google Drive to stock malicious Office documents.
With cloud-based retention apps specified a tempting people for exploitation, however tin individuals and organizations support themselves against malicious documents? Netskope offers the pursuing tips:
- Use azygous sign-on (SSO) and multi-factor authentication (MFA) for some managed and unmanaged apps. Implement adaptive argumentation controls for step-up authentication based connected user, device, app, information and activity.
- Implement multi-layered, inline menace extortion for each unreality and web postulation to artifact malware from reaching your endpoints and to forestall outbound malware communications.
- Set up granular argumentation controls to support your data. Such controls should way and negociate information moving to and from apps arsenic good arsenic betwixt your enactment and idiosyncratic instances, including IT, users, websites, devices and locations.
- Use unreality information extortion to unafraid delicate information from interior and outer threats crossed web, email, SaaS, shadiness IT and nationalist unreality services. Adopt information posture absorption for Software arsenic a Service (SaaS) and Identity arsenic a Service (IaaS) models.
- Set up behavioral investigation to scan for insider threats, information exfiltration, compromised devices and compromised credentials.
"The expanding popularity of unreality apps has fixed emergence to 3 types of maltreatment described successful this report: attackers trying to summation entree to unfortunate unreality apps, attackers abusing unreality apps to present malware, and insiders utilizing unreality apps for information exfiltration," Netskope Threat Labs menace probe manager Ray Canzanese said successful a property release. "The study serves arsenic a reminder that the aforesaid apps that you usage for morganatic purposes volition beryllium attacked and abused. Locking down unreality apps tin assistance to forestall attackers from infiltrating them, portion scanning for incoming threats and outgoing information tin assistance artifact malware downloads and information exfiltration."
Cybersecurity Insider Newsletter
Strengthen your organization's IT information defenses by keeping abreast of the latest cybersecurity news, solutions, and champion practices. Delivered Tuesdays and ThursdaysSign up today
- Hackers exploit Google Docs successful caller phishing campaign (TechRepublic)
Malicious bureau documents: The latest inclination successful cybercriminal exploitation
Phishing onslaught exploits Craigslist and Microsoft OneDrive
10 tips for protecting your unreality information and accounts
- WFH is simply a cybersecurity "ticking clip bomb," according to a caller report (TechRepublic)
- Shadow IT policy (TechRepublic Premium)
- Phishing attacks: A usher for IT pros (TechRepublic download)