September 2016 Cloud Report: 43.7 Percent of Cloud Malware are Ransomware Delivery Vehicles

Today we released our quarterly Cloud Report – global as well as Europe, Middle East and Africa versions. In this quarter’s report, besides our usual cloud app usage numbers and cloud data loss prevention (DLP) stats, we focus on cloud threats and malware with a special emphasis on ransomware. As ransomware continues to haunt organizations of all sizes, Netskope Threat Research Labs have kept abreast of new forms, releasing research examples of strains like Zepto, cuteRansomware, and others.

One critical finding for this quarter is that 43.7 percent of the cloud malware types we detected in cloud apps are common ransomware delivery vehicles. This is taken from the combination of Javascript exploits and droppers, Microsoft Office macros, and PDF exploits. These delivery vehicles may deliver other forms of malware, but are now often being used for ransomware. For the full breakdown of cloud malware types detected in cloud apps, we found that Javascript exploits and droppers comprised 17.1 percent, Microsoft Office macros 15.8 percent, PDF exploits 10.8 percent, Linux malware 18.4 percent, backdoors 23.1 percent, and Other rounded out the categories at 14.8 percent. We also found that 55.9 percent of malware-infected files were shared with either internal or external collaborators, a significant increase from 26.2 percent last quarter.

Average cloud apps per enterprise increased from 935 last quarter to 977 this quarter. The Microsoft Office 365 suite continues its dominance in our top-used cloud apps list, with OneDrive for Business and Outlook.com taking the number 1 and 2 spots, respectively. Interestingly, collaboration and messaging app Slack debuted on our list at number 20, indicating the rising popularity and adoption at enterprises.

In terms of cloud DLP violations, Cloud Storage was the main app category for this, at 76.5 percent, followed by Webmail at 18.6 percent and Other at 4.9 percent.

We have more statistics in each section of the full report. Check out the full September 2016 Cloud Report for all of the stats and recommendations from Netskope.