A latest report analysed approximately 136 million SaaS security events across 2,100 small and medium businesses (SMB) globally and identified cyber trends negatively impacting businesses.
Over the last several weeks, there has been a sharp rise in activity from countries with consistently high levels of both attempted and successful attacks originating within their borders — Russia and China. The vast volumes of data analyzed suggests these countries may even be coordinating attack efforts.
The findings of the report take into account security events occurring across more than 120,000 user accounts during the period of January 1st to December 31st, 2021 and shows that the vast majority of attacks on top SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox are originating from the countries of Russia and China.
Other key findings from the report focus on common threat vectors that are putting SMBs at risk including a shocking ratio of guest user accounts (versus licensed accounts) being leveraged by SMBs with 42% of the over 129,000 monitored SaaS accounts being guest user accounts.
The report finds that the three most common critical SaaS application security alerts stem from:
· User location outside approved location: An alert which is triggered when there’s a successful login to a user account from outside of an approved location or an approved IP address range.
· SaaS integration: Indicates that account credentials have been used to connect to a third-party application which may lead to data and other account information sharing between SaaS Apps. Users often establish these connections for convenience without consideration to potential security violations.
· Multiple account lockouts: Recorded when an account is locked out 4 or more times within a 12-hour period. Often indicating that malicious actors are actively (typically programmatically) trying password combinations to gain access to the account and have succeeded in validating a correct account name.
According to an American research group, “The U.S. National Security Strategy declares Russia and China the two top threats to U.S. national security. At the best of times, U.S.-Russia ties are a mixture of cooperation and competition, but today they are largely adversarial… Russia’s increasingly close relationship with China represents an ongoing challenge for the United States. While there is little that Washington can do to draw Moscow away from Beijing, it should not pursue policies that drive the two countries closer together, such as the trade war with China and rafts of sanctions against Russia.”
Protection of both the SaaS application and data are critical and must receive SaaS-optimized security controls. Building a security-minded employee culture that centers on security controls, SaaS-native cyber defenses and procedural compliance can play a significant role in reducing the risk of a successful attack.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
