As enterprise cloud storage solutions steadily gain momentum across global markets, the anti-virus and malware security policies deployed to protect these pay-per-scale services become more and more robust. Naturally, the taller the castle wall becomes, the higher the siege ladder is built to climb it, but the perpetual battle between threat actors and cloud security practitioners appears to march us ever closer toward a safer digital future.
That said, the catastrophic damage from successful cloud storage attacks cannot be understated, and the evolution of this attack vector should never be underestimated. Public, private, and hosted cloud storage services are all extremely worthwhile targets for threat actors, playing host to valuable data that moves frequently between user devices, and a variety of potent attack vectors are regularly explored to penetrate networks through these locations. Threat actors can leverage well-known techniques like phishing to goad users into saving and storing malicious content in a public location, and they can disguise malware very effectively in direct client upload scenarios through built-in file features like Office macros or PDF password-protection measures.