IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Cloud-delivered malware attacks almost tripled in 2022

The growing reliance on cloud applications has presented attackers with a broader pool of potential targets

The number of cloud applications used to deliver malware almost tripled in 2022 as users face an increasingly dangerous cyber threat landscape.  

More than 400 “distinct” cloud apps were used to target users with malware across the year, according to research from Netskope, with OneDrive highlighted as the most commonly abused app by threat actors.  

This increase reflects a growing trend in cloud security threats, the firm warned.  

Across 2022 there was a “drastic increase” in the number of users uploading content to the cloud, Netskope said, which presented attackers with a growing pool of prospective targets.  

“Cloud apps are widely used by businesses, a fact not lost on attackers, which view these apps as an ideal home for hosting malware and causing harm,” the company said.  

OneDrive accounted for over 25% of global user uploads while Google Gmail and Microsoft SharePoint saw a 7% and 5% in increase in usage respectively.  

As a result, Netskope said it observed a “sizeable” increase in cloud malware downloads over the course of the year, which came in stark contrast to the two years prior.  

OneDrive accounted for 30% of all cloud-based malware delivery, the study found, while Weebly and GitHub were also key platforms exploited by threat actors to deliver malicious files. 

OneDrive's popularity as a commonly used platform to deliver malware marks a change compared to previous research from Netskope. In 2021, Google Drive was identified as the go-to cloud app to deliver malicious software. 

“Attackers are increasingly abusing business-critical cloud apps to deliver malware by bypassing inadequate security controls,” said Ray Canzanese, research director at Netskope.

“That is why it is imperative that more organisations inspect all HTTP and HTTPS traffic, including traffic for popular cloud apps, both company and personal instances, for malicious content.” 

Cloud-delivered malware is surging 

A concerning observation from the Cloud Threat Report also highlighted the growing popularity of cloud-delivered malware compared to web-based attacks.  

Across 2022, cloud applications accounted for 48% of malware delivery, marking a 10% increase on the year previous – and this is expected to continue.  

Related Resource

IDC MarketScape: Worldwide unified endpoint management services

2022 vendor assessment

Whitepaper cover with title and logo on blue header banner and analysis chartFree Download

The growing reliance on cloud applications and infrastructure across a host of industries has accelerated this trend, the study found, and was fuelled by the rapid shift to remote and hybrid operations in the wake of the pandemic.  

“Cloud-delivered malware is now responsible for a much higher percentage of all malware delivery than ever before, especially in certain geographic regions and industries,” the firm said. 

The global telecoms industry saw a rapid increase in the volume of malware attacks last year, with 81% of attacks cloud-based compared to 59% in the year previous.  

The manufacturing, retail and healthcare industries also witnessed a surge in cloud-delivered malware attacks.  

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Recommended

Clare Lansley: The Aston Martin F1 CIO pioneering AI in motorsport
Data & insights

Clare Lansley: The Aston Martin F1 CIO pioneering AI in motorsport

6 Feb 2023
Hyperscaler earnings highlight period of evolution for cloud market
Cloud

Hyperscaler earnings highlight period of evolution for cloud market

3 Feb 2023
Worldwide surveillance industry on the cusp of major cloud acceleration
cloud storage

Worldwide surveillance industry on the cusp of major cloud acceleration

3 Feb 2023
Only 10% of businesses report benefitting from cloud technology
Cloud

Only 10% of businesses report benefitting from cloud technology

2 Feb 2023

Most Popular

Yandex data breach reveals source code littered with racist language
data breaches

Yandex data breach reveals source code littered with racist language

30 Jan 2023
Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
What's powering Britain’s fibre broadband boom?
Network & Internet

What's powering Britain’s fibre broadband boom?

3 Feb 2023