Fri. Jan 21st, 2022

Google took the top spot for malicious downloads from Microsoft OneDrive as attackers created free accounts, uploaded malware and shared documents with unsuspecting users, says Netskope.


The more that cybercriminals can take advantage of a legitimate service, the greater their chances of tricking people into falling for their scams. That’s why popular services from the likes of Google and Microsoft are exploited in malicious attacks. In fact, Google Drive ended 2021 as the most abused cloud storage service for malware downloads, according to security provider Netskope.


In its “January 2022 Cloud and Threat Report” released Tuesday, Netskope noted that cloud storage apps gained even greater adoption in 2021. For the year, 79% of the customers analyzed used at least one cloud storage app, up from 71% in 2020. The number of cloud storage apps in use also rose. Organizations with 500 to 2,000 employees used 39 different cloud storage apps last year, up from 35 the prior year.

This increased use of cloud applications has naturally excited cybercriminals, who’ve eagerly abused these apps to deploy malware. For 2021, cloud storage apps accounted for 69% of cloud-based malware downloads, down only slightly from 72% in 2020. These services are ready-made targets for exploitation as attackers can easily create free accounts, upload their infectious payloads and then share malicious documents with potential victims.

For the year, Google Drive took the top spot from Microsoft OneDrive as the cloud storage app with the greatest number of malicious downloads, accounting for 37% of them. OneDrive fell to second place with 20% of the recorded malware downloads. Rounding out the top five were SharePoint with 9%, Amazon S3 with 6% and GitHub with 3%.

Last year’s results contrast with those of 2020, in which OneDrive was the most exploited cloud storage app for malicious downloads with 29%, followed by Box with 17%, Amazon S3 with 15%, SharePoint with 13% and Google Drive with just 9%.

Beyond evidence of Google’s growing popularity, there are other reasons why Google Drive surpassed other services in malware downloads last year, according to Netskope. In 2020, the Emotet botnet used Box to deliver most of the malicious Office document payloads. But with Emotet taken down by global law enforcement in early 2021, this activity was dormant for most of the year. To pick up the slack, attackers trying to duplicate the success of Emotet turned to Google Drive to share malicious Office documents.

With cloud-based storage apps such a tempting target for exploitation, how can individuals and organizations protect themselves against malicious documents? Netskope offers the following recommendations:

  1. Use single sign-on (SSO) and multi-factor authentication (MFA) for both managed and unmanaged apps. Implement adaptive policy controls for step-up authentication based on user, device, app, data and activity.
  2. Implement multi-layered, inline threat protection for all cloud and web traffic to block malware from reaching your endpoints and to prevent outbound malware communications.
  3. Set up granular policy controls to protect your data. Such controls should monitor and manage data moving to and from apps as well as between your organization and personal instances, including IT, users, websites, devices and locations.
  4. Use cloud data protection to secure sensitive data from internal and external threats across web, email, SaaS, shadow IT and public cloud services. Adopt security posture management for Software as a Service (SaaS) and Infrastructure as a Service (IaaS) models.
  5. Set up behavioral analysis to scan for insider threats, data exfiltration, compromised devices and compromised credentials.

“The growing popularity of cloud apps has given rise to three types of abuse described in this report: attackers trying to gain access to victim cloud apps, attackers abusing cloud apps to deliver malware, and insiders using cloud apps for data exfiltration,” Netskope Threat Labs threat research director Ray Canzanese said in a press release. “The report serves as a reminder that the same apps that you use for legitimate purposes can be attacked and abused. Locking down cloud apps can help to prevent attackers from infiltrating them, while scanning for incoming threats and outgoing data can help block malware downloads and data exfiltration.”


By admin
