Cloud applications were the most common source of malware in 2022

According to recent data, cloud apps are now the number one channel for spreading malware, with Google Drive the app most favored by malicious actors.

According to Netskope research, cloud applications were responsible for two-thirds of all malware spread in 2021. Although the proportion of malware delivered through cloud applications increased during 2020, it remained stable for most of 2021, a pattern that Netskope expects to continue this year as well.

Cloud storage apps, such as Google Drive, were the most commonly used of all cloud apps for malware propagation. The report’s authors suggest that this is attributable to the popularity and ease of use of these tools. The number of cloud storage providers exploited to disseminate malicious code increased from 93 in 2020 to more than 230 in 2021.

Data theft on the way out

Google Drive, OneDrive, SharePoint, Amazon, and GitHub make up the top five most popular platforms.

Most of the time, criminals exploited cloud services to spread weaponized Office documents. The proportion of these documents among all malicious files increased from 19% at the start of 2020 to 37% at the end of 2021.

This rise may be attributed to the popularity of Emotet, Dridex, and other “copycats.”

Cloud applications are also a risk because of the “Great Resignation.” Netskope found that individuals were leaving their jobs at double the rate in 2021 compared to the previous year (8 percent in 2021, compared to 4 percent in 2020). When employees leave an organization, they may take confidential material with them, and in the absence of other options, they may upload these documents to cloud storage applications.

According to the research, between 2020 and 2021, an average of 29% of users downloaded more files from managed corporate instances, while 15% uploaded more files to their personal app instances, all within the last 30 days of employment.

Half of those users uploaded five times the number of files they regularly upload, and 8% uploaded 100 times the amount of data they normally upload. A small percentage (1%) uploaded more than 1000 times their normal data volume, leading Netskope to infer that there is a “substantial and purposeful transfer” of data from users preparing to leave.