In its latest Cloud & Threat Report: Global Cloud and Web Malware Trends, Netskope identified that on average, five out of every 1,000 enterprise users attempted to download malware in Q1 2023. New malware families and variants represented 72 per cent of those malware downloads.
In the research, Netskope found social engineering continues to dominate as a leading malware infiltration technique with attackers abusing email, collaboration apps, and chat apps to trick their victims.
In addition, nearly 10 per cent of all malware downloads in Q1 were referred from search engines. These downloads mostly resulted from weaponised data voids, or combinations of search terms that have very few results, which means that any content matching those terms is likely to appear very high in the search results.
For the first time in its quarterly cloud and threat reporting, Netskope analysed attacker communication channels. Researchers found that attackers, in order to consistently evade detection, have used HTTP and HTTPS over ports 80 and 443 as their primary communication channel.
Ray Canzanese, threat research director, Netskope Threat Labs, explained, “Job number one for attackers is finding new ways to cover their tracks as enterprises put more resources into threat detection, but these findings indicate just how easy it still is for attackers to do so in plain sight.
“As attackers gravitate towards cloud services that are widely used in the enterprise and leverage popular channels to communicate, cross-functional risk mitigation is more necessary than ever.”