Cloud malware delivery in India almost doubled from 33 per cent of all malware deliveries to 63 per cent between May 2022 and April 2023, significantly greater growth than global figures, according to a report by Netskope, a cybersecurity company. 

Cyber attackers are finding new ways to evade traditional detection and target Indian workers and organisations by delivering malware via popular cloud business applications. Cloud apps are now the preferred delivery mechanism for malware in India, said the report. 

The connectivity advances achieved across India in recent years have allowed organisations to accelerate their digital transformation, triggering the fast adoption of business cloud solutions. However, the advent of cloud computing also brings security and data protection challenges, with a risk of data leaks and breaches coming from these new applications, and trusted cloud applications providing the perfect hiding place for malware. 

The report shows that an overwhelming majority of users included in Netskope’s analysis download data from the cloud on a monthly basis (92 per cent), and more than two in three upload data to those same applications (68 per cent), creating a huge amount of cloud traffic that organisations need to monitor.

Alok Kothari, Managing Director for Netskope India, said, “Enterprises are having to defend against an onslaught of malware, and they can only do so efficiently by improving their network monitoring and detection to include cloud use.” 

Attackers are always finding new ways to target Indian organisations, leveraging new tools and technologies such as cloud applications or generative AI tools. Netskope aims to help Indian organizations stay ahead of bad actors in this cyber arms race, he added. 

Malicious actors are leveraging this extensive cloud use to deliver malware via popular cloud business apps that many Indian workers use on a daily basis, with OneDrive (35 per cent), Gmail (14 per cent), Weebly (7.5 per cent), Github (6.4 per cent), Sharepoint (5.2 per cent) and Google Drive (4.8 per cent) leading the ranking of the top cloud apps abused for malware download in India. 

Abusing cloud apps for malware delivery enables attackers to evade security controls that rely primarily on domain block lists and URL filtering or do not inspect cloud traffic.

The most common malware detected by Netskope in India were trojans (63 per cent), which are commonly used by attackers to gain an initial foothold and deliver other types of malware, such as infostealers, remote access trojans, backdoors, and ransomware, said the report.