A recent report shows that cloud malware delivery in India almost doubled, from 33 per cent of all malware deliveries to 63 per cent.
These numbers indicate significantly greater growth in India than globally. The report found that cloud apps are now the preferred delivery mechanism for malware in India.
The remarkable growth of cloud malware delivery can be attributed to the widespread adoption of cloud solutions among organisations in India. Recent advancements in connectivity have accelerated digital transformation, prompting businesses to embrace cloud-based tools to enhance efficiency and agility. However, this surge in cloud computing has also opened doors to security and data protection challenges, including the risk of data leaks and breaches originating from these applications.
According to the analysis conducted by Netskope, an overwhelming majority of users in India regularly download data from the cloud, with a staggering 92 per cent of users accessing cloud services on a monthly basis. Additionally, 68 per cent of users upload data to cloud applications, resulting in a significant volume of cloud traffic that organisations need to monitor carefully.
Exploiting this extensive cloud usage, malicious actors have leveraged popular cloud business apps that Indian workers use daily to deliver malware. Among the top cloud apps abused for malware downloads in India, OneDrive takes the lead with 35 per cent, followed by Gmail (14 per cent), Weebly (7.5 per cent), GitHub (6.4 per cent), SharePoint (5.2 per cent) and Google Drive (4.8 per cent). Attackers use cloud apps for malware delivery because doing so lets them evade security controls that rely primarily on domain block lists and URL filtering, or that do not inspect cloud traffic thoroughly.
The report identified trojans as the most common type of malware detected by Netskope in India, accounting for 63 per cent of the instances. Trojans are often used by attackers as an initial foothold to deliver other types of malware, including infostealers, remote access trojans, backdoors, and ransomware.