A new report by the Netskope Threat Labs, a team of threat researchers from cybersecurity and networking company Netskope, has revealed that Australia is ahead of other regions regarding cloud usage and malware delivered via cloud ecosystems. The report finds that popular cloud business applications are primarily used to deliver malware to relevant Australian organisations and workers.
The data analysed between October 2022 and September 2023 shows that Australian workers used an average of 30 different cloud apps each month, as opposed to an average of 22 in other regions. More disturbingly, cloud malware delivery in Australian organisations reached an average of 64% of all malware deliveries, compared to 56% in other regions.
The most used cloud apps exploited for malware delivery were OneDrive, Sharepoint, Github, Weebly and Outlook.com. The analysis also identified that a significant majority of users (97%) download data from and upload data to the cloud every month, increasing the risk of potential data breaches.
Ray Canzanese, Director of the Netskope Threat Labs, says: "Beyond the significant impact on their customers, what the recent high-profile Australian data breaches did was put Australia even higher on the list of prime targets of global threat actors who realised Australian organisations may have inconsistent levels of cybersecurity awareness and preparedness."
According to Canzanese, the sharp increase in malware delivered via popular cloud apps from November 2022 is a testament to the heightened cybersecurity challenges local businesses have to defend themselves against, many originating from cloud ecosystems. Trojans were identified as the most common type of malware (76%), commonly used by threat actors to gain an initial foothold to deliver other types of malware.
Canzanese adds: "Legacy security technology, which is still used by a number of Australian organisations, is often blind to cloud ecosystems and unable to provide granular visibility and control over the data."
"Cloud ecosystems have become a primary potential source for cyber threats in 2023, and it is critical that organisations improve application and network monitoring and detection capabilities to include cloud use," says Ray Canzanese.
The research was based on anonymised usage data collected by the Netskope Security Cloud platform from a subset of Netskope Australian customers with prior authorisation.
In Australia, Netskope provides threat protection to more than 625,000 private and government workers, including one in four organisations from the ASX50, through ongoing monitoring of their network, cloud ecosystem, and data flows.
Netskope is a global Secure Access Service Edge (SASE) expert redesigning cloud, data, and network security to assist organisations in applying zero trust principles and protecting data. Thousands of customers, including over 25 Fortune 100, trust Netskope and its robust NewEdge network to deal with evolving threats, risks, technology shifts, and new regulatory requirements.