Cloud apps were the biggest source of malware in 2021

News
By published

Malicious actors taking advantage of popular cloud platforms

Man tapping a cloud icon
(Image credit: Shutterstock)

Cloud applications are now the number one distributor of malware, with Google Drive being the most popular vertical among malicious actors, new research has claimed.

A report from Netskope says two-thirds of all malware distributed in 2021 went through cloud apps. Even though the percentage of malware distributed through cloud apps rose throughout 2020, it plateaued for most of 2021, a trend that Netskope expects to continue this year, as well.

Of all the cloud apps used for the distribution of malware, cloud storage apps, such as Google Drive, were the most popular ones. The report’s authors argue this is due to the popularity, and the ease of use, provided by these tools. The number of cloud storage services that were abused to distribute malicious code rose from 93 in 2020, to more than 230 in 2021. 

Stealing data on the way out

Together with Google Drive, OneDrive, Sharepoint, Amazon and Github round off the top five most used platforms.

Most of the time, crooks would use these cloud platforms to distribute weaponized Office documents. The share of these documents among all malicious files rose from 19% at the beginning of 2020, to 37% at the end of 2021. 

The success of Emotet, Dridex, as well as various other “copycats”, is to blame for this increase. 

Cloud apps are also risky due to the “Great Resignation”. During 2021, Netskope uncovered that people were quitting jobs at double the rate, compared to the year before (8% in 2021, compared to 4% in 2020). Sometimes, people leaving the company would take sensitive data with them, and in the absence of better options, they upload these documents to cloud storage apps. 

The report says that between 2020 and 2021, an average of 29% of users downloaded more files from managed corporate instances, while 15% uploaded more files to their personal app instances, all in the last 30 days of employment.

Of those people, half uploaded five times more files than what they’d usually upload, while 8% uploaded 100 times their usual data volume. A tiny portion (1%) uploaded more than 1000 times of their usual data volume, prompting Netskope to conclude that there is “significant and deliberate movement” of data, from users about to quit.

TOPICS
Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
NordVPN
US hit with over 1.9 billion malware threats last year - here's how to stay safe
Flags of Iran, China, Russia and North Korea on a wall. China North Korea Iran Russia alliance
Cybercrime is helping fund rogue nations across the world - and it's only going to get worse, Google warns
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
malware
Google warns of legit VPN apps being used to infect devices with malware
Fraude en ligne phishing
Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks
Best email services: image of email with one unread message alert
Over 400 million unwanted and malicious emails were received by businesses in 2024
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Latest in News
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC
More about security
Android Logo

Devious new Android malware uses a Microsoft tool to avoid being spotted
Google Chrome

Google Chrome security flaw could have let hackers spy on all your online habits
The cast of The Residence peek from a doorway

Netflix's #2 most-watched show is the new madcap whodunnit The Residence –here are 3 more mysteries to stream next
See more latest
Most Popular
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
Render of a new RTX 4000 Max-Q gaming laptop.
I can't say I'm surprised, but Nvidia's RTX 5090 laptop GPU has a big performance leap over its predecessor, according to early benchmarks
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Apple Music on a tablet, showing a new Listening Guide feature
Apple Music Classical just got 3 excellent perks in its biggest upgrade since launch
Google Pixel Buds Pro 2
Cleaned your Pixel Buds Pro 2 recently? If not, you might be getting worse sound