The dark side of the cloud: almost half of all cyber threats are cloud-based


Cybercriminals are increasingly using the cloud to gain unobtrusive access, increase their success rate and evade detection.

The more cloud usage spreads throughout enterprises, the greater the risk of corresponding attacks. What almost sounds like a trivial finding is now also confirmed quantitatively by initial studies.

Almost half of all malicious threats now originate from the cloud (44 percent). Clearly, cybercriminals are increasingly using the cloud as an effective method of remaining undetected. This is the central finding of an analysis of millions of user data worldwide, carried out by the American cloud security specialist Netskope from Santa Clara/California.

“Kroker’s Look @ IT” publishes the results of the new “Cloud and Threat Report” today exclusively in advance.

According to the report, the overwhelming majority of all corporate users are now in the cloud and actively use at least one cloud app every day (89 percent). Cloud storage, collaboration and webmail applications are the most commonly used.

An average of 142 apps are officially approved in these categories, but users tend to draw on a much wider range of apps in their daily activities. As a result, the average enterprise has over 2400 different cloud services and applications in use.

  • Google Drive
  • YouTube
  • Microsoft Office 365 for Business
  • Facebook
  • Google Gmail
  • Microsoft Office 365 SharePoint
  • Microsoft Office 365
  • Twitter
  • Amazon S3
  • LinkedIn

Attackers use the cloud to gain unobtrusive access, increase their success rate and evade detection. Cybercriminals often launch their attacks through cloud services and apps, using familiar techniques. The two most popular attack techniques from the cloud are phishing and malware distribution.

The top 5 cloud apps attacked:

Microsoft Office 365 for Business
Google Drive
Microsoft Azure
More than 50 percent of data breaches are related to cloud storage, collaboration and webmail applications. In addition, analysis of the attacks shows that users are moving sensitive data across multiple dimensions between a variety of cloud services and apps, including personal instances and unmanaged apps that violate corporate policies. In addition, 37 percent of the data users move across cloud apps is sensitive.

As if that weren’t enough, one-third of enterprise users work outside the office every day in an average of more than eight locations, accessing both public and private apps in the cloud (33 percent). This poses new challenges for appropriate defenses to protect remote workers.