Cyberattacks have been utilizing cloud applications as an avenue of distributing malware, as per recent studies. Researchers have identified that 68% of malware downloads were derived from cloud applications for the 2nd quarter of 2021. Cloud-based misconfigurations are often a contributing factor in terms of these issues.
About 66.4% of malware downloads for the 2nd quarter of 2021 have begun from cloud storage applications, according to studies made by security researchers.
Following it was the collaboration tools at 8.5% and development applications at 7.5%. On the other hand, 3.1% goes to infrastructure-as-a-service or IaaS and platform-as-a-service or PaaS platforms – being the lowest percentage of malware downloads.
According to researchers, attackers can easily bypass any blocklists and exploit any app-specific allow lists using cloud storage applications. Cloud service providers only act upon a malicious activity when it is raised and reported. Through this, attackers can maximize that time to operate any attacks, even in such a short period.
For the first half of 2021, cloud applications that are used by companies have risen to 22%. Organizations with more than 2,000 employees are reported to be using about 800 cloud applications. With this large number of cloud apps, researchers say that it has been difficult for firms to manage them. The rising number of cloud storage applications also comes with an increasing amount of malware downloads.
An issue has also arisen regarding the alignment of each app that is configured with its security needs. By 2025, there has been a prediction that about 99% of failures connected to cloud storage apps will be because of the customers. This prediction is as well similar to IaaS misconfigurations that have been being overlooked.
In terms of preventing malware from infecting your group, researchers say that it is all about the visibility you have over the cloud environment that is being used. Because of this, companies are opting into cloud security posture management that comes with cloud-native security tools to prevent possible malware infections.
Companies would also need to develop security standards for their data and the cloud-based applications that they use. With this, they will be able to match their security baselines against the developing threats in cybersecurity.