Keeping your cloud malware-free: What you need to know

This year we’ve seen massive malware attacks spanning from nation state campaigns originating in North Korea and Russia to popular restaurants and everything in between. Each new incident serves as a grim reminder to business leaders that hackers will not relent. Yet with cloud adoption growing rapidly in the enterprise, the odds of a malware infection spreading and leading to a potential breach are increasing.

According to a study conducted by the Ponemon Institute, almost 90 percent of businesses believe an increase in cloud usage will increase the probability of a data breach – and this trend isn’t going away anytime soon. As mobility and flexibility continue to be central to the modern workplace, cloud adoption – and the dangers that come with it – are going to become more prevalent than ever.

Netskope research shows that organizations use an average of 1,181 cloud services, but 92.7 percent of those services are not enterprise ready. Given malware’s ability to persist across system cleanups, infect collaborators in the same network and even spread to partner organizations, business leaders must manage this threat by employing tactics to contain the spread of viruses and ensure users are equipped to make safe decisions.

So, what are some of the best tips for keeping an organization secure?

Contain the spread of viruses with user segmentation

One effective way to contain the spread of viruses is network segmentation, which limits the lateral movement of malware or a threat actor within the accessible network. However, such limitations are easy to bypass through ‘cloud-hopping’ – a technique in which malware uses cloud applications to reach other users within the same organization when access through lateral movement is denied.

When network segmentation has not been implemented, periodic syncing of infected cloud app folders will result in malware uploading to cloud storage, which exposes other users within the organization who use the same common cloud application. For example, this is how Virlock spreads, through the cloud fan-out effect.

In a recent report, the worst-case scenario identified involved a single user within a customer environment who shared infected files with as many as 280 other users. Similarly, 40 percent of companies surveyed have a user sharing malware with more than 200 other users. The lesson here is that to restrict the spread of infections through the cloud, users themselves must be wary of their reach, while network administrators can segment user groups so that sharing between them is limited.
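
The fan-out effect and the effect of segmenting user groups can be measured from a sharing inventory. The following is an added example, not part of the original article or the report it cites; the users, segments, folder names and function names are all constructed for illustration. It computes how far an infected synced file could travel through shared folders, lists the folders that cross segments, and shows the reach once sharing is limited to each segment.

```python
from collections import defaultdict, deque

# Constructed sample data (not from the report): network segment per user
SEGMENTS = {"alice": "finance", "bob": "finance", "carol": "engineering",
            "dave": "engineering", "erin": "hr"}

# Constructed shared, synced cloud folders: folder -> collaborators
SHARES = {
    "q3-budget": {"alice", "bob"},
    "vendor-quotes": {"bob", "carol"},   # crosses finance -> engineering
    "build-tools": {"carol", "dave"},
    "onboarding": {"erin"},
}

def sync_graph(shares):
    """Users are linked when they sync the same folder."""
    graph = defaultdict(set)
    for members in shares.values():
        for user in members:
            graph[user] |= members - {user}
    return graph

def fan_out(shares, start):
    """Every user an infected file synced by `start` could eventually reach."""
    graph, seen, queue = sync_graph(shares), {start}, deque([start])
    while queue:
        for peer in graph[queue.popleft()] - seen:
            seen.add(peer)
            queue.append(peer)
    return seen - {start}

def cross_segment_shares(shares, segments):
    """Folders whose collaborators span more than one network segment."""
    return {folder: sorted({segments[u] for u in members})
            for folder, members in shares.items()
            if len({segments[u] for u in members}) > 1}

def restrict_to_segments(shares, segments):
    """Split each folder's membership per segment (the segmented policy)."""
    split = {}
    for folder, members in shares.items():
        for user in members:
            split.setdefault(f"{folder}@{segments[user]}", set()).add(user)
    return split

if __name__ == "__main__":
    print("alice reach:", sorted(fan_out(SHARES, "alice")))
    print("cross-segment:", cross_segment_shares(SHARES, SEGMENTS))
    print("after split:", sorted(fan_out(restrict_to_segments(SHARES, SEGMENTS), "alice")))
```

In this constructed data a single cross-segment folder is enough for a file synced by one finance user to reach both engineering users, even though the two segments are separated on the network.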

Reduce malware through employee education

The same report found that 80 percent of malicious files are hosted by a handful of users within an organization. The high concentration of malware on select users can be a consequence of them using unpatched workstations or regular exposure to unprotected networks. This points to the need for better education and enforcement of security policies across organizations.

A failure to instill a security-first mindset across your organization can get ugly quickly. In a 2018 study from Ponemon, the average cost of a data breach increased to $3.86 million. The threat is not isolated to just one industry. For example, one healthcare organization was found to have as many as 404 unique malware strains stored across its multiple cloud applications, such as Google Drive, Box, Dropbox and more, indicating that hackers are having no problem getting their malicious files into sensitive organizations. Educating employees on the importance of cloud security is one way to stop these infections at the root.

Moving beyond the malware

With over 1,000 cloud services in use in the average organization, it is important that IT teams and employees coordinate to prevent suspicious activity and potential threats on the network and identify existing issues as quickly as possible. With cloud adoption increasing each year, attackers are being presented with numerous new attack vectors every day and are quickly looking to find ways to exploit them for financial gain.

While there may never be a silver bullet for security, it is clear that businesses need to focus more on securing cloud systems if they are ever going to move the needle. But, with technology such as network segmentation and initiatives around cybersecurity education, defenders may just stand a chance in the battle against cybercriminals.
