Google Drive accounted for the most malware downloads in 2021
NetSkope research malware downloaded via cloud apps is now more prevalent than web-delivered malware
Google Drive accounted for the most malware downloads in 2021, taking the top spot from Microsoft OneDrive.
The cloud storage service accounted for 37% of all malicious downloads last year, according to the January edition of Netskope's Cloud and Threat report.
Cloud storage: How secure are Dropbox, Google Drive, iCloud and OneDrive? How secure is Google Drive? What is malware?
Google Drive took the number one from Microsoft OneDrive, which fell to second place with 20% of recorded malware downloads. Rounding out the top five were SharePoint with 9%, Amazon S3 with 6% and GitHub with 3%.
IT Pro contacted Google, Microsoft and Amazon for comment but had not received a response at the time of publication.
Netskope, a US-based cyber security provider, noted that cloud storage apps gained even greater adoption in 2021, with 79% of customers analysed using at least one cloud storage app, which is up from 71% in 2020. The number of cloud storage apps in use also rose, with organisations with 500 to 2,000 employees using 39 different cloud storage apps last year.
What's more, cloud-delivered malware is now more prevalent than variants are downloaded via the web. In 2021, cloud app malware accounted for 66% of all malware downloads, up from 46% at the start of 2020.
Aside from its increasing popularity, there are other reasons why Drive surpassed other services when it came to malware downloads, according to Netskope. For example, the Emotet botnet that used Box to deliver malicious Office document payloads was taken down early in 2021 but ended up inspiring hackers to use Google Drive to share malicious Office documents.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
"The increasing popularity of cloud apps has given rise to three types of abuse described in this report: attackers trying to gain access to victim cloud apps, attackers abusing cloud apps to deliver malware, and insiders using cloud apps for data exfiltration," Netskope Threat Labs threat research director Ray Canzanese said.
"The report serves as a reminder that the same apps that you use for legitimate purposes will be attacked and abused. Locking down cloud apps can help to prevent attackers from infiltrating them, while scanning for incoming threats and outgoing data can help block malware downloads and data exfiltration."
Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.
Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.