More than half of malware infected files in cloud apps are shared with others
The latest report on enterprise cloud usage and trends from cloud security specialist Netskope reveals that 55.9 percent of malware-infected files found in cloud apps are shared publicly.
It also finds that ransomware is now one of the most common threats, with 43.7 percent of malware infections found in enterprise cloud apps having delivered ransomware. These include Javascript exploits and droppers, Microsoft Office macros and PDF exploits.
Whilst attacks are often initially delivered through phishing and email, within cloud environments, infected and encrypted files can quickly spread to other users through cloud app sync and share functionality in what is known as the 'fan-out' effect.
"Our priority has always been giving IT teams the tools they need to not only have visibility into employee app usage and activity, but also understand and take action against the ways sensitive information can be shared or make its way into the wrong hands," says Sanjay Beri, founder and CEO of Netskope. "With the rise of ransomware, the cloud threat landscape is now increasingly complicated; IT teams need deeper intelligence, protection, and remediation that can help them stop malware and ransomware in their tracks and prevent them from spreading".
Among other findings are that in the top-20 most used apps, Microsoft continues to lead Google, with Office 365 Outlook.com and OneDrive for Business beating their counterparts from other vendors in session volume. Microsoft productivity apps are the number one and two most popular apps, unseating Facebook from its top spot.
Messaging and collaboration tool Slack gets into the top 20 most popular apps for the first time. Netskope points out that security teams will need to pay close attention to sensitive information being shared within collaboration apps, and prioritize visibility into and control over the apps with which Slack is integrated and sharing data.
The report also finds that cloud storage apps dominate cloud data loss prevention violations accounting for 76.5 percent of all violations, followed by webmail at 18.6 percent. Within cloud storage apps, manufacturing-focused enterprises had the largest percentage of DLP violating files, at 24 percent of all files scanned, followed by technology and IT services at 15 percent and healthcare and life sciences at 11 percent.
The full report is available from the Netskope site and there's a summary of the findings in infographic form below.
Image Credit: Brian A Jackson / Shutterstock