Public cloud services like Microsoft OneDrive and Google Drive fail to protect against zero-day malware
Hackers and cyber criminals are becoming wise to the fact that they can use cloud applications to spread malware.
In response, top cloud providers now offer malware protection in an attempt to stop files containing malware being uploaded. But a new report reveals that placing your trust in this protection may be ill-advised.
Cloud access security company Bitglass has found that Google Drive and Microsoft Office 365 (with built-in malware protection) were both unable to detect a piece of zero-day ransomware in a file that was uploaded to the cloud services.
In a separate scan of Bitglass customers' cloud applications, an average of one in three corporate instances of the popular cloud apps OneDrive, Google Drive, Dropbox and Box contained malware. The scanned organizations hold, on average, nearly 450,000 files in the cloud -- one in 20,000 files contained malware. More than a fifth of the files containing malware were in Office formats (PowerPoint, Word, etc.) -- these are 'familiar' to end users, who are therefore likely to unwittingly open them and run the malware.
Microsoft OneDrive has the highest rate of infection at 55 percent. Google Drive has the second highest rate of infection, with 43 percent of instances being impacted, followed by Dropbox and Box with 33 percent each. This perhaps reflects the relative popularity of the services.
"Malware will always be a threat to the enterprise and cloud applications are an increasingly attractive distribution mechanism," says Mike Schuricht, VP of product management at Bitglass. "Most cloud providers do not provide any malware protection and those that do struggle to detect zero-day threats. Only an AI-based solution that evolves to detect new malware and ransomware can keep cloud data secure."
The tests were carried out using a piece of ransomware-as-a-service called ShurL0ckr. Neither Google Drive nor Microsoft SharePoint was able to detect the ShurL0ckr ransomware with its built-in threat engine.
You can find out more in the full report available from the Bitglass website and there's an '80s-themed -- don't ask -- infographic summary below.