Light Dark
September 23, 2021 By David Bisson 2 min read
News

Cloud apps are now the most common way digital attackers distribute malware. In the second quarter of 2021, researchers found that 68% of malware downloads originated from cloud apps, reported ZDNet. In order to keep your cloud security up, it’s important to know where problems might come from. Specifically, cloud-based misconfigurations could often be a contributing factor. Read on to learn what types of apps factored into these attacks.

Where Cloud Security Problems Start

According to a study by Netskope, most (66.4%) of malware instances in Q2 2021 started with cloud storage apps. They were followed by collaboration apps and development tools at 8.5% and 7.8%, respectively.

Meanwhile, infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) platforms accounted for the lowest proportion of malware downloads, at 3.1% for the quarter.

By using cloud apps, attackers can “bypass blocklists and take advantage of any app-specific allow lists.”

“Although attacks launched from the cloud are typically short-lived — the cloud service provider removes the malicious content when it is reported — attackers have illustrated that they can capitalize on the attack within the short time window that they have,” according to Netskope.

Cloud Complexity Can Lead to Problems

This amount of malware comes with an increasing rise in the number of cloud apps, the number of which used by enterprises increased 22% during the first half of 2021. Groups with upwards of 2,000 employees now use 805 distinct cloud apps.

With so many, it can be hard to manage those services. Sometimes, it’s a question of knowing that all those cloud apps exist in the first place. Per the study, 97% of the cloud apps were shadow IT that existed outside the purview of the IT department.

There’s also the issue of configuring all those apps in a way that aligns with security needs. Gartner predicted that 99% of all cloud security failures will be the customer’s fault through 2025. That’s the same proportion of IaaS misconfigurations that never get noticed, as shared by Help Net Security.

Cloud Security: How to Prevent Malware

The key is to have visibility over the cloud environments you use. So, many organizations are turning to cloud security posture management along with cloud-native security tools to gain it.

As part of their ongoing cloud journeys, organizations need to also develop security baselines for all their assets, including their cloud-based apps. It’s then up to them to align their assets to those baselines, monitor for configuration drift so that they can fix potential issues and update those baselines in a way that matches the evolving threat landscape.

 |  |  |  |  | 
David Bisson
Contributing Editor

More from News
November 18, 2024

Research finds 56% increase in active ransomware groups

4 min read - Any good news is welcomed when evaluating cyber crime trends year-over-year. Over the last two years, IBM’s Threat Index Reports have provided some minor reprieve in this area by showing a gradual decline in the prevalence of ransomware attacks — now accounting for only 17% of all cybersecurity incidents compared to 21% in 2021. Unfortunately, it’s too early to know if this trendline will continue. A recent report released by Searchlight Cyber shows that there has been a 56% increase in…

November 4, 2024

Cyberattack on American Water: A warning to critical infrastructure

3 min read - American Water, the largest publicly traded United States water and wastewater utility, recently experienced a cybersecurity incident that forced the company to disconnect key systems, including its customer billing platform. As the company’s investigation continues, there are growing concerns about the vulnerabilities that persist in the water sector, which has increasingly become a target for cyberattacks. The breach is a stark reminder of the critical infrastructure risks that have long plagued the industry. While the water utility has confirmed that…

October 28, 2024

CISA and FBI release secure by design alert on cross-site scripting 

3 min read - CISA and the FBI are increasingly focusing on proactive cybersecurity and cyber resilience measures. Conjointly, the agencies recently released a new Secure by Design alert aimed at eliminating cross-site Scripting (XSS) vulnerabilities, which have long been exploited to compromise both data and user trust. Cross-site scripting vulnerabilities occur when a web application improperly handles user input, allowing attackers to inject malicious scripts into web pages that are then executed by unsuspecting users. These vulnerabilities are dangerous because they don't attack…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature