Cloud apps are coming under increasing attack

News
By published

Telco firms are particularly vulnerable

An abstract image of a cloud raining data.
(Image credit: Pixabay)

Employees in the telecommunications industry interact with fewer cloud apps in their day-to-day work, compared to people in other verticals. However, they are still the biggest victims of cloud-sourced malware. 

This is according to a new report from Netskope Threat Labs, claiming cloud apps are being increasingly abused in malware attacks, with telco firms being particularly vulnerable. 

Based on an analysis of Netskope’s 2,500+ customers in the telecommunications industry, the report says that users in this vertical upload and download files to cloud apps at a similar rate, compared to other industries while, at the same time, using fewer apps on average.

Biggest victims

The average user in the telco vertical interacts with 24 cloud apps in any given month, the majority being in the Microsoft ecosystem (OneDrive, Teams, Outlook).

In fact, OneDrive is the most popular app for uploading data, with 30% of users in the industry using it to upload files daily (50% more than the average). It’s also similar with downloads - 35%.

While all organizations, regardless of their size or vertical, are targeted by cloud-borne malware, telcos are the biggest victims by a 7% margin compared to everyone else, Netskope explained. OneDrive and GitHub had the most malware downloads, followed by Outlook. Most of the time, the victims would grab the remote access trojan (RAT) Remcos, the malicious loader Guloader, and a popular infostealer named AgentTesla.

According to Paolo Passeri, Cyber Intelligence Principal at Netskope, this discrepancy in the percentage of malware delivered stems from a more “open attitude” employees in telecommunications have towards cloud services. 

“This open attitude towards online services is also visible in the malware families that target telecoms users. In comparison to other verticals, there are many more malware families targeting this sector,” Passeri explained.

Finally, he said that different cloud services are abused in different stages of the attack chain, with Guloader storing the encrypted payload on cloud services, for example, or Gandoreiro abusing Azure to deliver the final payload.

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
Best email services: image of email with one unread message alert
Over 400 million unwanted and malicious emails were received by businesses in 2024
Fraude en ligne phishing
Phishing clicks nearly tripled in 2024 as criminals aim for smarter attacks
Malware worm
Coordinated global mobile malware campaign targets banking apps and cryptocurrency platforms
A concept image of someone typing on a computer. A red flashing danger sign is above the keyboard and nymbers and symbols also in glowing red surround it.
Microsoft Teams and other Windows tools hijacked to hack corporate networks
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft 365 accounts are under attack from new malware spoofing popular work apps
An iPhone sitting on a wooden table
Millions at risk as malicious PDF files designed to steal your data are flooding SMS inboxes - how to stay safe
Latest in Security
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak
A major Keenetic router data leak could put a million households at risk
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple routers hit by new critical severity remote command injection vulnerability, with no fix in sight
Code Skull
This dangerous new ransomware is hitting Windows, ARM, ESXi systems
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Latest in News
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
Zotac Gaming RTX 5090 Graphics Card
Nvidia Blackwell stock woes are compounded by price hikes as more RTX 5090 GPUs soar in pricing, and I’m sick and tired of it all at this point
A collage of Elizabeth Olsen's Scarlet Witch and Tatiana Maslany's She-Hulk
Marvel fans are already tired of Doomsday and Secret Wars cast gossip as two more superheroes get linked with roles in the next two Avengers movies
Four operators survey Verdansk. One holds a sniper rifle, one binoculars, another holds is landing with their parachute, while the last wears a skull mask
New Call of Duty: Warzone trailer shows a beautiful rebuilt Verdansk, but some fans want more: 'it won't be the same unfortunately'
An Apple Music pink/pixellated poster advertising DJ with Apple Music
DJ with Apple Music lands, allowing subscribers to build and mix DJ sets directly from its +100 million-song catalog
More about security
cybersecurity

Chinese government hackers allegedly spent years undetected in foreign phone networks
Data leak

A major Keenetic router data leak could put a million households at risk
Mobile phone with logo of video game distribution platform Steam operated by Valve on screen in front of web page

How to gift a game on Steam
See more latest
Most Popular
OpenAI logo
OpenAI just launched a free ChatGPT bible that will help you master the AI chatbot and Sora
Monster Hunter Wilds
Monster Hunter Wilds Title Update 1 launches in early April, adding new monsters and some of the best-looking armor sets I need to add to my collection
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Sony WF-C710N in blue glass on beige background
Sony WF-C710 earbuds land, and I think they'll be the 2025 budget buds to beat
The RIG M2 Streamstar attached to a boom arm.
The RIG M2 Streamstar is a new microphone with the world's first Bluetooth audio gateway in a wired gaming mic
Four operators survey Verdansk. One holds a sniper rifle, one binoculars, another holds is landing with their parachute, while the last wears a skull mask
New Call of Duty: Warzone trailer shows a beautiful rebuilt Verdansk, but some fans want more: 'it won't be the same unfortunately'
Data leak
A major Keenetic router data leak could put a million households at risk
A collage of Elizabeth Olsen's Scarlet Witch and Tatiana Maslany's She-Hulk
Marvel fans are already tired of Doomsday and Secret Wars cast gossip as two more superheroes get linked with roles in the next two Avengers movies
Quordle on a smartphone held in a hand
Quordle hints and answers for Wednesday, March 26 (game #1157)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Wednesday, March 26 (game #388)