Viruses Are Still the Most Frequent Form of Malware in the Cloud

Protecting files that reside in the cloud is a challenge for businesses today. To support organizations in this task, we identified, through Netskope Threat Research Labs, the main threats in the cloud, to provide a series of tips for immediate protection.

In fact, the cloud is a relatively new attack vector for hackers and malware writers. In this context, companies are looking for cloud antivirus solutions that mitigate blind spots in the cloud, including the activity performed by accesses outside the network or by connecting personal devices.

Viruses, a Threat That Remains Relevant

The conclusion of the research points out that the virus is the most frequent type of malware nowadays and, with downloaders and Trojans, affects business users from different sectors (financial, retail, health, construction, or technologies). In its most diverse versions, the malware chooses several applications in the cloud, such as Google Drive, Box, Dropbox, among others, to hide.

As a result of this trend, and given that this type of malware seeks to spread locally through network analysis, corporate users can choose to segment their LAN networks to contain the spread of viruses. Likewise, all downloads and file shares must be supported by threat identification mechanisms, capable of analysis.

However, it is important to understand that even the most stringent segmentation processes in an organization's network can be circumvented by malware that travels through cloud hopping (term in English for data migration in public and private clouds).

Malware that infects computers can persist indefinitely in all cleaning systems and infect employees within the organization, despite targeted networks. As a result, infections spread to member organizations, impacting responsibility, and compromising the company's reputation.

The Important Role of the User

Users are the owners of files in the cloud upload and download processes. For this reason, and considering that cloud storage applications regularly synchronize files from the user's workplace, it is easy to perform an unintended download of malware from the Internet on the workstation.

In cases like this, most infections come from a small number of users. The high concentration of malware in these matters can be a consequence of the use of unpatched workstations or the frequent exposure of unprotected networks. All of this underscores the need for better application of security policies in organizations.

Modern Data Protection for the Next Generation of Workloads

To restrict the spread of infections in the cloud, users must be suspicious of their reach, while network administrators can segment groups of users so that file sharing between them is limited.

To get a really effective result, both users and organizations must be more careful in the way they share files, while they still need to create secure networks to download content from the cloud, since these targeted attacks, as well as APTs, are capable of compromising networks from involuntary access to applications in the cloud.