Cloud Malware Delivery in India Almost Doubles from 33% to 63% in a Year: Netskope report

Netskope today unveiled new research showing that cyber attackers are finding new ways to evade traditional detection and are targeting Indian workers and organisations by delivering malware via popular cloud business applications. Based on anonymised usage of hundreds of thousands of Indian workers between May 2022 and April 30 2023, the data shows that cloud malware delivery in India almost doubled, from 33% of all malware deliveries to 63%, significantly greater growth than global figures. Cloud apps are now the preferred delivery mechanism for malware in India.

Connectivity advances achieved across India in recent years have allowed organisations to significantly accelerate their digital transformation, triggering the fast adoption of business cloud solutions across teams and departments for more efficiency and agility. However, the advent of cloud computing also brings security and data protection challenges, with a risk of data leaks and breaches coming from these new applications, and trusted cloud applications providing the perfect hiding place for malware.

The report shows that an overwhelming majority of users included in Netskope’s analysis download data from the cloud on a monthly basis (92%), and more than two in three upload data to those same applications (68%), creating a huge amount of cloud traffic that organisations need to monitor.

Malicious actors are leveraging this extensive cloud use to deliver malware via popular cloud business apps that many Indian workers use on a daily basis, with OneDrive (35%), Gmail (14%), Weebly (7.5%), GitHub (6.4%), SharePoint (5.2%) and Google Drive (4.8%) leading the ranking of the top cloud apps abused for malware download in India. Abusing cloud apps for malware delivery enables attackers to evade security controls that rely primarily on domain block lists and URL filtering, or that do not inspect cloud traffic.

The most common malware detected by Netskope in India were trojans (63%), which are commonly used by attackers to gain an initial foothold and deliver other types of malware, such as infostealers, remote access trojans, backdoors and ransomware.

Alok Kothari, Managing Director for Netskope India, commented on the data: “Enterprises are having to defend against an onslaught of malware, and they can only do so efficiently by improving their network monitoring and detection to include cloud use. Legacy security technology is cloud-blind, unable to provide granular visibility or control over the data flowing to and from cloud applications, and too many organisations still create security exceptions for enterprise cloud applications such as Microsoft OneDrive – which we know is the source of more malware downloads than any other cloud app. Attackers are always finding new ways to target Indian organisations, leveraging new tools and technologies such as cloud applications or generative AI tools, and our aim is to help Indian organisations stay ahead of bad actors in this cyber arms race.”
