Nearly half of cloud-based malware delivers ransomware

Infected and encrypted files can be spread through app sync and share functionality.


Concerns over ransomware have grown considerably this year, and for good reason. A new study finds that nearly half of all cloud-based malware now delivers ransomware applications.

That is the finding of the September Netskope Cloud Report, which looks at the prevalence of ransomware and how it spreads through cloud applications within an organization. The study found that 43.7 percent of malware found in enterprises cloud apps have delivered ransomware, and that 55.9 percent of malware-infected files found in cloud apps are shared publically.

Also See: Tool turns tables on ransomware

To put the threat in perspective, the report says the typical organization has 26 pieces of malware found in cloud apps. Of the 43.7 percent that deliver ransomware, those typically involve common ransomware delivery vehicles, including Javascript exploits and droppers, Microsoft Office macros and PDF exploits.



“These ransomware attacks are often initially delivered through phishing and email attacks, but within cloud environments, infected and encrypted files can quickly spread to other users through cloud app sync and share functionality in what is known as the fan-out effect,” the report warns.

The vulnerability to ransomware will only get worse, the report cautions, as organizations invest more in cloud-based applications. The study found that on average, a typical large organization now has 977 cloud-based apps in use, up from 935 last quarter.

Further, 94.7 percent of those apps are not considered “enterprise-ready” according to the Netskope Cloud Confidence Index scoring system. This means “they lack key functionalities such as security, audit and certification, service-level agreement, legal, privacy, financial viability, and vulnerability remediation,” the firm noted.

More for you

Loading data for hdm_tax_topic #care-team-experience...