A new report from SaaSAlerts suggests that a growing number of attempted and successful cyberattacks are originating from Russia and China.
With prominent SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox frequently targeted, the data further indicates these countries may even be coordinating attack efforts. Attack trend lines that compare Russia and China show almost the exact same pattern. Juxtaposed to a chart from Germany, for example, indicates that it is not even close to the same pattern, leading to educated speculation that Russia and China could be coordinating efforts. Other prominently mentioned nation-states include Vietnam, Korea and Brazil.
On average, SaaS Alerts is seeing approximately 10,000 Brute Force attacks per day against the user accounts monitored by SaaS Alerts. The report finds that the three most common types of alerts include access by a user outside of the approved location or an approved IP address range; instances where account credentials have been used to connect to a third-party application which may lead to data and other account information sharing between SaaS Apps; and alerts warning of multiple account lock-outs due to faulty username/password combinations.
“In the uncertain cyber-climate we all reside in today, detailed SaaS security oversight and robust defenses are a requirement for ensuring high resiliency and business continuity,” said Jim Lippie, CEO of SaaS Alerts. “The loss, theft or corruption of mission critical or sensitive customer data can be operationally and financially troublesome for SMBs that depend on continuous and unrestricted business operations to bolster revenues which have been the target of threat actors for years.”
During the time period ranging from January 1st to December 31st, 2021, SaaS Alerts monitored more over 136 million SaaS security events, collecting and analyzing the anonymous SaaS application security data to identify a breakdown of cyberattacks on the most popular SaaS applications in use by SMBs today.
The data set is statistically significant and enables solution providers managing a portfolio of SaaS applications with pertinent data and trends to support defensive IT security re-alignments as required.