Cloud-based security threats are growing at a faster rate than ever, as threat actors find new and innovative ways to push malware through the novel technology.
Netskope’s latest Cloud & Threat Report: Global Cloud and Web Malware Trends paper found more than half (55%) of all HTTP and HTTPS malware downloads came from cloud apps, up from 35% for the same period a year before.
That makes it more than a 50% jump year-on-year.
Malicious apps multiplying
The rise is due to an increase in people downloading malware from popular enterprise cloud applications, Netskope further claims. Microsoft’s OneDrive is seen as the most popular enterprise app “by a wide margin”. Furthermore, the number of applications with malware downloads also continued rising, with Netskope identifying 261 different malicious apps in Q1 this year.
To make matters worse, malware delivered over what’s considered “risky web categories” makes up but a tiny portion of total web malware downloads, with the majority of the downloads being spread out over different sites. Content delivery networks (CDNs) are actually used the most, with a market share of 7.7%.
In general, five in 1,000 enterprise users tried to download malware in Q1 2023, with new variants taking up almost three-quarters (72%) of those downloads. What’s more, almost 10% of all downloads started with a search engine query, as threat actors weaponize data voids and SEO poisoning for queries that have very few results. “This represents just one of many social engineering techniques that attackers are accelerating,” the researchers say.
Finally, social engineering reigns supreme as the key malware delivery technique, with email, collaboration apps, and chat apps being leveraged to trick people into downloading malware. Trojans are the most popular malware type with 60% of all downloads. Phishing downloads took up 13%.