Proliferates in the Cloud
cloud and mobile are a boon for productivity and agility, they
are also a compelling target for hackers looking to distribute
malware and steal sensitive data.
• A New Strain of Ransomware Making Its Way to a Cloud Near You: The Bitglass Threat Research Team identified a new strain of the Gojdue ransomware on the dark web and tested the built-in malware protection services of Google Drive and Microsoft Office 365. Dubbed ShurL0ckr, the ransomware-as-a-service works the same way as the widely covered Satan ransomware. Hackers pay a percentage to the author after generating and distributing a ransomware payload that encrypts files on disk.
• Native Cloud AV Fails to Detect Zero-day Malware: Neither Google Drive nor Microsoft SharePoint was able to detect the ShurL0ckr ransomware with its built-in threat engine. When scanned against antivirus engines, only seven percent (5 of 67) detected the malware – one of these engines was Cylance, which protects Bitglass customers.
• Malware is Pervasive in the Cloud: 44 percent of scanned organizations had some form of malware in at least one of their cloud applications.
• Malware Doesn’t Discriminate, All SaaS Apps are Impacted: On average, one in three corporate instances of SaaS apps contained malware. Of the four major SaaS applications – OneDrive, Google Drive, Box, and Dropbox – Microsoft OneDrive had the highest rate of infection at 55 percent. Google Drive had the second highest rate of infection with 43 percent of instances being impacted, followed by Dropbox and Box with 33 percent each.
• Which File Types are Malware in Disguise?: Bitglass identified the top five file categories by infection rate. Scripts and executables (42 percent), which can launch malicious applications with the click of a button, are the most commonly infected file type. Microsoft Office files, common corporate file types that most users trust and open without hesitation, ranked second (21 percent).