Netskope Threat Labs reveals Google apps are primary conduits for malware delivery in retail sector

0
87
Netskope Threat Labs reveals Google apps are primary conduits for malware delivery in retail sector
Netskope Threat Labs reveals Google apps are primary conduits for malware delivery in retail sector
  • Google Drive and Gmail are the most popular apps for malware downloads in the retail sector, diverging from the dominance of Microsoft OneDrive in other industries.

  • Trojans are the primary attack mechanism, tricking retail users into downloading other malware payloads.

  • WhatsApp is more popular for downloads in the retail sector than Sharepoint, posing a serious risk of using the personal messaging app as an enterprise collaboration tool.

Bangalore, India, November 20th, 2023: Netskope Threat Labs has released a report warning the retail sector to be vigilant that, unlike other industries where Microsoft OneDrive is both the most popular app used and the most popular app for malware downloads, Google apps are the main conduit for malware in retail.

While OneDrive is the most popular app used in retail, Google Drive and Google Gmail took the top two spots for malware delivery in the sector. Trojans are the primary attack mechanism, tricking retail users into downloading other malware payloads. Many of the malware families aim to steal banking information, credentials, personal information, and credit card information.

The popularity of WhatsApp is also well above the other sectors; on average, WhatsApp use in retail is three times more popular in retail than other verticals, ranking only behind OneDrive in terms of both uploads and downloads. This poses a serious risk not only because WhatsApp is a common delivery channel for malicious content such as malware or phishing pages, but also because these numbers suggest that the retail sector is using a personal instant messaging app as an enterprise collaboration tool, increasing the risk of data theft or data exposure—a WhatsApp message can be easily forwarded, for example.

“Attackers abuse cloud apps to fly under the radar and evade traditional security controls that do not inspect cloud traffic,” advises Ray Canzanese, Director of Netskope Threat Labs. “As the holiday shopping season approaches, retail employees and consumers must both be extra vigilant, as phishing, credential theft, and malware activity related to retail tends to increase at the end of the year.”

While the frequency of cloud malware delivery in retail generally follows the pattern of other industries over the past 12 months, peak times, such as April, May, and June this year, showed a comparatively high number of malware being delivered via cloud apps in retail. In April, for example, 70% of the malware delivered to retail was via cloud apps—10% more than other industries.

The report finds that Google Drive, Google Gmail, and WhatsApp are among the top five most popular apps for downloads in retail, and all three are significantly more popular than they are in other industries.

  • Google Drive is used by 34% of retail users, compared to 19% in other industries.
  • Gmail is used by 21% of retail users, compared to 13% in other industries.
  • WhatsApp is used by 17% of retail users vs. 5.9% in other industries, making it more popular than Sharepoint.

Netskope Threat Labs therefore recommends retail organizations take the following steps to review their security posture:

  • Conduct a thorough inspection of HTTP and HTTPS downloads to prevent malware infiltration.
  • In-depth analysis of high-risk file types before download, leveraging advanced threat protection
  • Configure policies to block unnecessary app downloads and uploads, reducing the risk surface.
  • Implement an Intrusion Prevention System (IPS) to identify and block malicious traffic patterns.
  • Adopt Remote Browser Isolation (RBI) technology for enhanced protection during website visits.

The full report is available here.

Also readBorn-in-the-cloud companies are now the frontrunners of the tech industry, says Prince Joseph, Group CIO at SFO Technologies

Do FollowCIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter 

About us:

CIO News, a proprietary of Mercadeo, produces award-winning content and resources for IT leaders across any industry through print articles and recorded video interviews on topics in the technology sector such as Digital Transformation, Artificial Intelligence (AI), Machine Learning (ML), Cloud, Robotics, Cyber-security, Data, Analytics, SOC, SASE, among other technology topics.