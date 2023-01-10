U.S. markets open in 9 hours 2 minutes

  • S&P Futures

    3,904.75
    -9.00 (-0.23%)
     

  • Dow Futures

    33,602.00
    -68.00 (-0.20%)
     

  • Nasdaq Futures

    11,150.75
    -34.75 (-0.31%)
     

  • Russell 2000 Futures

    1,800.60
    -5.30 (-0.29%)
     

  • Crude Oil

    74.22
    -0.41 (-0.55%)
     

  • Gold

    1,876.80
    -1.00 (-0.05%)
     

  • Silver

    23.69
    -0.18 (-0.76%)
     

  • EUR/USD

    1.0743
    +0.0010 (+0.10%)
     

  • 10-Yr Bond

    3.5170
    -3.5690 (-100.00%)
     

  • Vix

    21.97
    -21.13 (-100.00%)
     

  • GBP/USD

    1.2173
    -0.0013 (-0.10%)
     

  • USD/JPY

    131.7560
    -0.1100 (-0.08%)
     

  • BTC-USD

    17,219.41
    -25.94 (-0.15%)
     

  • CMC Crypto 200

    407.01
    +0.72 (+0.18%)
     

  • FTSE 100

    7,724.94
    +25.45 (+0.33%)
     

  • Nikkei 225

    26,158.45
    +184.60 (+0.71%)
     

Netskope Threat Research: Malware-Delivering Cloud Apps Nearly Tripled in 2022

·4 min read

401 distinct cloud apps shown to deliver malware; Microsoft OneDrive delivered 30% of all cloud malware downloads

SANTA CLARA, Calif., Jan. 10, 2023 /PRNewswire/ -- Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research showing that over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year. Netskope researchers also found that 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive.

Cloud apps are widely used by businesses, a fact not lost on attackers, which view these apps as an ideal home for hosting malware and causing harm. The Cloud & Threat Report from Netskope Threat Labs examines how these cloud security trends are shifting and advises organizations on how to improve their security posture based on those shifts.

"Attackers are increasingly abusing business-critical cloud apps to deliver malware by bypassing inadequate security controls," said Ray Canzanese, Threat Research Director, Netskope Threat Labs. "That is why it is imperative that more organizations inspect all HTTP and HTTPS traffic, including traffic for popular cloud apps, both company and personal instances, for malicious content."

Rise in Uploads to Cloud Apps Means Rise in Malware-Delivered Downloads

The most significant change in cloud application use in 2022, compared to 2021, was the marked increase in the percentage of users uploading content to the cloud. According to Netskope data, over 25% of users worldwide uploaded documents daily to Microsoft OneDrive, while 7% did so for Google Gmail and 5% for Microsoft Sharepoint. The drastic increase in active cloud users across a record number of cloud applications led to a sizable increase in cloud malware downloads in 2022 from 2021, after remaining close to flat in 2021 compared to 2020.

The correlation between uploads and downloads among the most popular apps is no coincidence. Nearly a third of all cloud malware downloads originated from Microsoft OneDrive, with Weebly and GitHub coming in the next closest among cloud apps at 8.6% and 7.6%, respectively.

Cloud-Delivered Malware Is Increasingly More Prevalent Than Web-Delivered Malware

Industries have increased their reliance on cloud applications and cloud infrastructure to support business operations over the last several years—a trend further accelerated by the COVID-19 pandemic and a worldwide shift toward hybrid work. As a result, cloud-delivered malware is now responsible for a much higher percentage of all malware delivery than ever before, especially in certain geographic regions and industries.

In 2022, several geographic regions saw significant increases in the overall percentage of cloud vs. web-delivered malware compared to 2021, including:

  • Australia (50% in 2022 compared to 40% in 2021)

  • Europe (42% in 2022 compared to 31% in 2021)

  • Africa (42% in 2022 compared to 35% in 2021)

  • Asia (45% in 2022 compared to 39% in 2021)

In certain industries, cloud-delivered malware also became more predominant globally, especially:

  • Telecom (81% in 2022 compared to 59% in 2021)

  • Manufacturing (36% in 2022 compared to 17% in 2021)

  • Retail (57% in 2022 compared to 47% in 2021)

  • Healthcare (54% in 2022 compared to 39% in 2021)

Cyber Preparedness: The Remote Workforce is Here to Stay

Companies have made considerable adjustments to enable remote and hybrid workplaces to flourish. While some industries sought to bring employees back to the office on a more frequent basis in 2022, remote work options appear to remain largely in place. According to Netskope data, user dispersion—the ratio of the number of users on the Netskope platform to the number of network locations from which those users' traffic originates—is 66%, the same percentage it was at the start of the pandemic over two years ago.

Remote and hybrid work dynamics continue to pose multiple cybersecurity challenges, including how to securely provide users access to the company resources they need to do their jobs and how to scalably and securely provide users access to the internet.

Netskope recommends organizations take the following actions to avoid increased risk of security incidents stemming from cloud- and web-delivered malware:

  • Enforce granular policy controls to limit data flow, including flow to and from apps, between company and personal instances, among users, to and from the web, adapting the policies based on device, location, and risk.

  • Deploy multi-layered, inline threat protection for all cloud and web traffic to block inbound malware and outbound malware communications.

  • Enable multi-factor authentication for unmanaged enterprise apps.

Get the full Netskope Cloud and Threat Report: 2022 Year in Review here.

For more information on cloud-enabled threats and our latest findings from Netskope Threat Labs, visit Netskope's Threat Research Hub.

About Netskope

Netskope, a global SASE leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.

Media Contact:
press@netskope.com

Cision
Cision

View original content:https://www.prnewswire.com/news-releases/netskope-threat-research-malware-delivering-cloud-apps-nearly-tripled-in-2022-301717314.html

SOURCE Netskope

Recommended Stories

  • Apple Plans to Drop Key Broadcom Chip to Use In-House Design

    (Bloomberg) -- Apple Inc.’s push to replace the chips inside its devices with homegrown components will include dropping a key Broadcom Inc. part in 2025, according to people familiar with the situation, dealing a blow to one of its biggest suppliers. Most Read from BloombergUS Safety Agency to Consider Ban on Gas Stoves Amid Health FearsRental Housing Is Suddenly Headed Toward a Hard LandingGoldman to Cut About 3,200 Jobs This Week After Cost ReviewStocks Give Up Rally Above Key Mark After Feds

  • Blackberry (BB) at CES 2023: A Look at Main Announcements

    Blackberry's (BB) IVY and QNX solution is leveraged by leading automakers and software developers.

  • Cybersecurity Stocks To Watch As Microsoft Flexes Cloud Platforms

    Cybersecurity stocks have underperformed vs. the S&P 500. But cloud security companies may be better positioned as corporate budgets tighten.

  • German government warns of ‘Godfather’ malware targeting banking, crypto apps

    Germany said "Godfather" virus generates a fake copy of a banking or crypto app login screen to appropriate a user's information and steal funds.

  • 3 Things About Verizon Communications That Smart Investors Know

    Verizon Communications (NYSE: VZ), the largest wireless carrier in the United States, is considered by many to be a stable blue-chip dividend stock for conservative investors. The original AT&T (NYSE: T) was co-founded by Alexander Graham Bell in 1885 as a subsidiary of the Bell Telephone Company. In the 1980s, the U.S. Department of Justice finally forced AT&T to split its sprawling business into several smaller companies known as the "Baby Bells."

  • Chart of the Day: This Communications Firm Has Been Incredibly Efficient

    Verizon has been accelerating on strong volume. So it was just a matter of time before we saw big money stepping in to buy the stock as VZ was also sporting a robust dividend yield. The chart, below, shows a strong move of late to an overbought condition, as overbought as it has been in years.

  • 3 Top Web3 Stocks to Buy in January

    Smart investors should keep an eye on vital Web3 stocks as this industry grows and more money flows into it. You can get started with these essential Web3 stocks and the cryptocurrency at the heart of it all.

  • 2 Top Stocks in Warren Buffett's Secret Portfolio to Buy Now and Hold Forever

    Berkshire owns New England Asset Management (NEAM), a financial institution with $5.9 billion in invested assets, but none of those securities will appear in Berkshire's 13F filings. Instead, NEAM files its own Form 13Fs with the Securities and Exchange Commission. To be perfectly clear, Buffett does not control NEAM's invested assets, at least not directly, but he does run the company that ultimately owns those assets.

  • Microsoft Considers $10 Billion Investment in ChatGPT Creator

    (Bloomberg) -- Microsoft Corp. is in discussions to invest as much as $10 billion in OpenAI, the creator of viral artificial intelligence bot ChatGPT, according to people familiar with its plans.Most Read from BloombergUS Safety Agency to Consider Ban on Gas Stoves Amid Health FearsRental Housing Is Suddenly Headed Toward a Hard LandingGoldman to Cut About 3,200 Jobs This Week After Cost ReviewStocks Give Up Rally Above Key Mark After Fedspeak: Markets WrapCommodity Ship Heads for Inspection Aft

  • Solana, Cardano Tokens See Price Bump Amid Strong Transactional Activity

    The two tokens added nearly 20% in the past 24 hours as of Asian morning hours on Monday.

  • Apple follows Mark Zuckerberg into the metaverse with plan to launch VR headset

    Apple is poised to follow Mark Zuckerberg into the metaverse with the launch of a virtual reality headset in the coming months.

  • Meta has a big new problem for its VR aspirations—Apple’s coming for the throne

    Apple's long-awaited mixed-reality headset is expected to debut this spring.

  • Synaptics CEO Says Chip Shortages Could Return Sooner Than You Think

    Synaptics President and CEO Michael Hurlston says the current semiconductor glut could reverse in a hurry, and leave component makers once again scrambling.

  • iPhone Exports from India Double to Surpass $2.5 Billion

    (Bloomberg) -- Apple Inc. exported more than $2.5 billion of iPhones from India from April to December, nearly twice the previous fiscal year’s total, underscoring how the US tech giant is accelerating a shift from China with geopolitical tensions on the rise.Most Read from BloombergUS Safety Agency to Consider Ban on Gas Stoves Amid Health FearsRental Housing Is Suddenly Headed Toward a Hard LandingGoldman to Cut About 3,200 Jobs This Week After Cost ReviewStocks Give Up Rally Above Key Mark Af

  • Apple VP of services Stern to depart: report

    Stern, who joined the iPhone maker from Time Warner Cable in 2016, will leave at the end of the month, according to the report. Apple did not immediately respond to a Reuters request for comment. A prominent media executive, Stern oversaw an expansion of Apple's paid subscription businesses, particularly its television offering, Apple TV+.

  • The Best, Coolest, and Weirdest Gadgets at CES 2023

    CES 2023 marked the annual tech expo’s triumphant return after it went virtual in 2021 and faced lackluster attention in 2022. The general vibe? Well, you know that feeling you get when you had three months to write an essay but only got it done the week it was due? Las Vegas was certainly packed this year, but despite having two smaller shows before this year’s CES, the major keynote’s big announcements this year were either niche, expected, or didn’t give much info away.

  • Virtual Worlds, Real-Life Use Cases: How Web2 and Web3 Tackled the Metaverse at CES 2023

    In the four-day tech trade show, companies from across sectors flocked to Las Vegas to showcase their latest innovations. Several brands introduced metaverse technology, hinting at trends to watch out for in the coming year.

  • Disney asks employees to work from office four days a week - CNBC

    However, with the rise of vaccinations and fall in severe cases that require hospitalization, Disney's move mirrors other companies like Snap, Tesla and Uber in asking employees to return to office. The move also comes after Iger returned as chief executive officer replacing Bob Chapek in November, a surprise comeback that coincided with Disney's attempt to boost investor confidence and profits at its streaming media unit.

  • Is T-Mobile A Buy Or Sell As Telecom Stock Outperforms S&P 500?

    T-Mobile holds an edge in 5G wireless spectrum but will its market share gains vs. rivals continue? What the analysis says about TMUS stock.

  • Can Shiba Inu Reach $1 in 2023?

    This remarkable price performance even incorporates SHIB's 90% fall over the past 14 months. What are the chances that Shiba Inu, currently the 16th most valuable cryptocurrency with a market cap of just under $5 billion (as of this writing), reaches $1 in 2023? Seeing the limitations with Dogecoin, the dog-themed meme token of its predecessor, the founders of Shiba Inu made its token, SHIB, compatible with the vast Ethereum ecosystem, thus connecting it to different protocols.