September 29, 2022
In double whammy, recovery of data is the least likely
Hackers are increasingly targeting SaaS and cloud data in large enterprises globally, according to a new report from Odaseva.
The State of SaaS Ransomware Attack Preparedness survey said half of some 160 organizations with at least 10,000 employees were hit by ransomware attacks in the past 12 months. In this group, 51% said SaaS data was the target.
Ransomware attacks targeting SaaS data were found to be the most likely to be successful, with 52% of them penetrating enterprise defenses. Notably, this data also is “least likely” to be recovered, the survey said.
That compares with a 42% success rate in hacking data stored in a public cloud (AWS, Azure, GCP and others) and 46% for on-prem data. Only data stored in endpoints (laptops, mobile phones and others) was similarly victimized, with a 51% success rate.
“As companies increasingly turn to SaaS applications to run mission-critical business processes, cybercriminals have taken note,” said Remy Claret, CMO and co-founder at Odaseva, in a statement.
Notably, SaaS platforms typically are not the targets of the attack because “bypassing the platform’s strict technical controls is simply too difficult.” However, SaaS data can be targeted through phishing, malware, API key leaks and other methods, according to the report.
Companies, however, are least likely to be worried about the vulnerability of SaaS data getting stolen: Only 11% of respondents said they are ‘most concerned’ about it compared to 48% for endpoints, 37% for public clouds and 15% for on-prem or private clouds.
As for recovery, 50% of the surveyed enterprises were able to fully recover from ransomware attacks on SaaS data, the lowest among all environments. Some 81% of organizations were able to recover all their data from a successful attack on on-premises data, while just over half were able to fully recover endpoint (55%) and public cloud (53%) data.
"Organizations need to protect their SaaS data with comprehensive backups, but just as important, they need to ensure they can recover that backed-up SaaS data quickly enough to avoid damage to the business,” said Claret.