Question: Our practice uses a couple different cloud services to share files and keep HR documentation available to easily review. Should we be concerned about viruses or other threats sneaking into our network? Oregon Subscriber Answer: Yes, you should always be aware of and vigilant against possible cybersecurity threats. In fact, cloud services, while helpful, are apps that cyberthreat actors are leveraging to deliver and deploy malware in healthcare. In a March 2024 threat labs report, Netskope found that Microsoft OneDrive is the most popular app in healthcare for malware delivery. OneDrive, a cloud app, is widely used and is the most popular app in healthcare. Researchers found that 42 percent of healthcare workers use OneDrive per day. Healthcare is one of the most popular cybersecurity threat targets, and cloud services act as ideal delivery vehicles for malware. Netskope researchers found that approximately 40 percent of malware downloads in healthcare came from cloud apps, whereas an estimated 30 percent of malware downloads originated from the same source the year prior. Malware is more likely to be downloaded from cloud apps because cloud-based files tend to be trusted and the files can avoid common security measures, such as “domain block lists or [tools] that do not inspect cloud traffic,” Netskope wrote in the report.
Along with OneDrive, some of the popular cloud services used in healthcare include: According to the report, the most common malware families used to attack healthcare were the following: NjRat: This remote access trojan that allows the threat actor to access the victim’s camera, manage files, log the victim’s keystrokes, and steal credentials from web browsers. Amadey: This botnet collects an infected computer’s information and sends it to a C2 server. Azorult: This malware is an infostealer that captures credential information from the victim, such as account passwords. Reach out to your IT administrator or cybersecurity team to review your security policies and plans to protect your practice against all threats, including those that could originate from the cloud.