Thanks to the growing availability of vaccines and immunization campaigns in multiple countries, the world is starting to see a light at the end of the COVID-19 tunnel. We are eager to return to a new normal, being aware that some changes will be permanent, or if not permanent will strongly characterize the next years.
One of these changes is related to the widespread adoption of cloud applications, which have helped organizations cope with the effects of the pandemic: the sudden shift to a new distributed work environment has required connecting a dispersed workforce with collaborators, partners, and customers, and cloud apps have played a fundamental role in this process. We could say that the pandemic has accelerated digital transformation plans, and the effects will last well beyond this health crisis.
Unsurprisingly, cybercriminals have immediately monetized the rapid adoption of cloud services to launch more and more evasive campaigns that leverage the trust of users and organizations. To have an idea of this trend, in their latest Cloud and Threat Report, Netskope have highlighted that:
53% of web traffic is now composed of cloud applications.
61% of malware is delivered from the cloud.
13% of phishing campaigns are hosted in the cloud.
33% target cloud app credentials.
How we mitigate this threat
activereach partner with Netskope, a Cloud Access Security Broker. We can help organizations detect compromised corporate cloud accounts that are being abused to deliver malicious emails and to perform additional malicious activities.
The Netskope Next Generation Secure Web Gateway provides granular visibility for thousands of cloud applications including Microsoft and Google apps, allowing the inspection of traffic with granular access control, DLP, and threat protection policies with the further possibility to differentiate corporate and non-corporate instances. For example, it is possible to create a simple DLP policy that prevents the submission of corporate credentials inside a phishing page hosted into a rogue instance of a Microsoft or Google cloud service or prevent the download of a malicious payload with the multi-layer threat protection engine, regardless of the exploited services, and without considering it implicitly trusted simply because it’s Microsoft or Google.
Schedule a live online demonstration with one of our SWG experts today or call activereach on 0845 625 9025
This blog was adapted from an original written by Paolo Passeri and posted on the Netskope website on May 21, 2021.