43.7% of cloud-based malware delivers ransomware

According to a new Netskope report, 43.7% of malware found in enterprises cloud apps have delivered ransomware, and 55.9% of malware-infected files found in cloud apps are shared publicly. Enterprises, on average, have 977 cloud apps in use, up from 935 last quarter.

cloud-based malware

Types of cloud malware detected

For the third quarter running, Netskope Threat Research Labs examined the presence of malware in enterprises, finding that there are on average 26 pieces of malware found in cloud apps across a given organization. 56 percent of malware-infected files in cloud apps are shared with internal or external users, or shared publicly.

Of the malware types detected, 43.7% are common ransomware delivery vehicles, including Javascript exploits and droppers, Microsoft Office macros and PDF exploits. These ransomware attacks are often initially delivered through phishing and email attacks, but within cloud environments, infected and encrypted files can quickly spread to other users through cloud app sync and share functionality in what is known as the fan-out effect.

The most popular cloud app

Among the top-20 most used apps, Microsoft continues to lead Google, with Office 365 Outlook.com and OneDrive for Business beating out their counterparts from other vendors in session volume. Microsoft productivity apps are the number one and two most popular apps, unseating Facebook from its spot at No. 1 for the first time.

Slack cracks the top 20

Supporting the notion that enterprises are eagerly adopting new collaboration tools, Slack has entered the top 20 most popular apps for the first time. Security teams will need to prioritize this trend and pay close attention to sensitive information being shared within collaboration apps, and prioritize visibility into and control over the apps with which Slack is integrated and sharing data.

Apps responsible for most Cloud DLP violations

Cloud storage apps dominate cloud DLP violations accounting for 76.5 percent of all violations, followed by webmail at 18.6 percent. Within cloud storage apps, manufacturing-focused enterprises had the largest percentage of DLP violating files, at 24 percent of all files scanned, followed by Technology and IT Services at 15 percent and Healthcare and Life Sciences at 11 percent.

Enterprise cloud app usage continues to rise

Netskope found that enterprises, on average, have 977 cloud apps in use – up from 935 last quarter. 94.7% of those apps are not considered “enterprise-ready” according to the Netskope Cloud Confidence Index™ scoring system, meaning they lack key functionalities such as security, audit and certification, service-level agreement, legal, privacy, financial viability, and vulnerability remediation.

Financial Services organizations had the highest number of cloud apps in use, averaging 1,133 per organization. This was followed by Retail, Restaurants and Hospitality industries, which had 963 cloud apps in use per organization.


Subscribe to the Help Net Security breaking news e-mail alerts:


Don't miss