Netskope Report Reveals 43.7% of Cloud-Based Malware Delivers Ransomware

Quarterly report on enterprise cloud app usage also sees more than half of malware-infected files in cloud apps shared with others

Netskope, the leader in cloud security, today announced the release of the September 2016 Netskope Cloud Report™ on enterprise cloud app usage and trends. In response to the growing threat of ransomware across enterprises, the report took a closer look at the prevalence of ransomware and how it spreads through cloud apps within an organization. According to the report, 43.7% of malware found in enterprises cloud apps have delivered ransomware, and 55.9% of malware-infected files found in cloud apps are shared publicly. The report also found that enterprises, on average, have 977 cloud apps in use, up from 935 last quarter.

Ransomware Emerges as One of the Most Prevalent Forms of Malware

For the third quarter running, Netskope Threat Research Labs examined the presence of malware in enterprises, finding that there are on average 26 pieces of malware found in cloud apps across a given organization. 56 percent of malware-infected files in cloud apps are shared with internal or external users, or shared publicly.

Of the malware types detected, 43.7% are common ransomware delivery vehicles, including Javascript exploits and droppers, Microsoft Office macros and PDF exploits. These ransomware attacks are often initially delivered through phishing and email attacks, but within cloud environments, infected and encrypted files can quickly spread to other users through cloud app sync and share functionality in what is known as the fan-out effect.

Additional Findings

• Microsoft Beats Out Google, Facebook as Most Popular Cloud App: Among the top-20 most used apps, Microsoft continues to lead Google, with Office 365 Outlook.com and OneDrive for Business beating out their counterparts from other vendors in session volume. Microsoft productivity apps are the number one and two most popular apps, unseating Facebook from its spot at No. 1 for the first time. This shows that Microsoft Office 365 adoption remains strong among enterprises.

• Slack Cracks the Top 20 Amid Increasing Enterprise Popularity: Supporting the notion that enterprises are eagerly adopting new collaboration tools,  Slack has entered the top 20 most popular apps for the first time. Security teams will need to prioritize this trend and pay close attention to sensitive information being shared within collaboration apps, and prioritize visibility into and control over the apps with which Slack is integrated and sharing data.

• Cloud Storage Apps Responsible for Vast Majority Cloud Data Loss Prevention (DLP) Violations: Cloud storage apps dominate cloud DLP violations accounting for 76.5 percent of all violations, followed by webmail at 18.6 percent. Within cloud storage apps, manufacturing-focused enterprises had the largest percentage of DLP violating files, at 24 percent of all files scanned, followed by Technology and IT Services at 15 percent and Healthcare and Life Sciences at 11 percent.

“Our priority has always been giving IT teams the tools they need to not only have visibility into employee app usage and activity, but also understand and take action against the ways sensitive information can be shared or make its way into the wrong hands,” said Sanjay Beri, founder and CEO, Netskope. “With the rise of ransomware, the cloud threat landscape is now increasingly complicated; IT teams need deeper intelligence, protection, and remediation that can help them stop malware and ransomware in their tracks and prevent them from spreading.”

Enterprise Cloud App Usage Continues to Rise: Breakdown of Cloud Apps By Industry

Netskope found that enterprises, on average, have 977 cloud apps in use — up from 935 last quarter. 94.7% of those apps are not considered “enterprise-ready” according to the Netskope Cloud Confidence Index™ scoring system, meaning they lack key functionalities such as security, audit and certification, service-level agreement, legal, privacy, financial viability, and vulnerability remediation.

Financial Services organizations had the highest number of cloud apps in use, averaging 1,133 per organization. This was followed by Retail, Restaurants and Hospitality industries, which had 963 cloud apps in use per organization.

Average Cloud Apps Per Enterprise by App Category

Apps in the Marketing and Collaboration categories had the highest number of cloud apps per enterprise. Despite the growing popularity of productivity and collaboration apps like Slack, the vast majority are still not enterprise-ready. IT should be mindful of not only which apps its teams are using, but the types of activities and information being shared within those apps.   

Netskope Resources

• Download the Netskope Cloud Report for more detailed analysis and to see the full list of the most widely used cloud apps by enterprises
• Learn more about how to gain visibility into enterprise cloud apps and how to ensure they are secure and compliant
• Visit the Netskope Hub for the latest commentary and insight on trends from the Netskope team

About the Netskope Cloud Report

Based on aggregated, anonymized data from the Netskope Active Platform, which provides discovery, surgical visibility and control over any cloud app, the report’s findings are based on millions of users in hundreds of accounts in the global Netskope Active Platform from April 1 through June 30, 2016.

About Netskope

Netskope is the leader in cloud security. Using patented technology, Netskope’s cloud-scale security platform provides context-aware governance of all cloud usage in the enterprise in real-time, whether accessed from the corporate network, remote, or from a mobile device. This means that security professionals can understand risky activities, protect sensitive data, stop online threats, and respond to incidents in a way that fits how people work today. With granular security policies, the most advanced cloud DLP, and unmatched breadth of workflows, Netskope is trusted by the largest companies in the world. Netskope — cloud with confidence. To learn more, visit our website.