https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • Complete 2023 MSP 501 Rankings
    • 2023 MSP 501 50-1
    • 2023 MSP 501 100-51
    • 2023 MSP 501 150-101
    • 2023 MSP 501 200-151
    • 2023 MSP 501 250-201
    • 2023 MSP 501 300-251
    • 2023 MSP 501 350-301
    • 2023 MSP 501 400-351
    • 2023 MSP 501 450-401
    • 2023 MSP 501 501-451
    • NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Channel Futures 20: Top Tech Providers
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2023 Editorial Calendar
  • Awards
    • Back
    • 2023 MSP 501
    • 2023 NextGen 101
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Technology Advisor 101 (TA 101)
    • Channel Leaders Lists
  • Events
    • Back
    • 2024 CP Expo Call for Speakers
    • Channel Futures Leadership Summit
    • MSP Summit
    • CP Conference & Expo
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Channel Research


Shutterstock

SMB Cyberattacks Originating from Russia and China On Rise, Says SaaS Alerts Data

  • Written by Allison Francis
  • March 8, 2022
The company’s just-released security insights report reveals top SaaS applications and data targeted by bad actors.

SaaS Alerts has uncovered that the majority of attacks on SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox originate from Russia and China. These findings are detailed in the company’s newly released, semiannual SaaS Application Security Insights (SASI) Report. 

The report analyzes approximately 136 million SaaS security events across 2,100 small and medium businesses (SMBs) globally. It also identifies cyber trends that are negatively impacting businesses.

The findings of the report take into account security events occurring across more than 120,000 user accounts in 2021. The data can aid providers who are managing a portfolio of SaaS applications. This will arm them with important data and trends to support defensive IT security realignments as needed, the company said.

Rise in SaaS Platforms Attacks

Over the last several weeks, SaaS Alerts has seen an uptick in activity from countries with consistently high attack levels. These are, of course, Russia and China. The significant amount of data analyzed suggests these countries may even be coordinating attack efforts. Analysis shows that attack trend lines comparing Russia and China show almost the exact same pattern.

According to the Brookings Institute, “The U.S. National Security Strategy declares Russia and China the two top threats to U.S. national security. At the best of times, U.S.-Russia ties are a mixture of cooperation and competition, but today they are largely adversarial… Russia’s increasingly close relationship with China represents an ongoing challenge for the United States. While there is little that Washington can do to draw Moscow away from Beijing, it should not pursue policies that drive the two countries closer together, such as the trade war with China and rafts of sanctions against Russia.” 

During the course of 2021, SaaS Alerts monitored more than 136 million SaaS platforms/security events. During this time, the company collected and analyzed the anonymous SaaS application security data. The idea was to identify a breakdown of cyberattacks on the most popular SaaS applications in use by SMBs today.

Key Findings of the Report

  • On average, SaaS Alerts is seeing approximately 10,000 “brute force” attacks per day against the user accounts monitored by SaaS Alerts.
  • Current data indicating that attempted unauthorized logins are coming from actors located in China, Vietnam, Russia, Korea and Brazil.
  • Successful unauthorized logins are originating in Russia, China, Vietnam, Korea and Brazil. These are countries where an actor has successfully logged in using a valid user’s credentials.
  • The report finds that the three most common critical SaaS application security alerts stem from:
    • “User Location Outside Approved Location”: an alert which is triggered when there’s a successful login to a user account from outside of an approved location or an approved IP address range.
    • “SaaS Integration”: which indicates that account credentials have been used to connect to a third-party application which may lead to data and other account information sharing between SaaS apps. Users often establish these connections for convenience without consideration to potential security violations.
    • “Multiple Account Lockouts”: recorded when an account is locked out four or more times within a 12-hour period. This often indicates that malicious actors are actively (typically programmatically) trying password combinations to gain access to the account and have succeeded in validating a correct account name.

The SMB Security Plight

SaaS Alerts' Jim Lippie

SaaS Alerts’ Jim Lippie

“In the uncertain cyber climate we all reside in today, detailed SaaS security oversight and robust defenses are a requirement for ensuring high resiliency and business continuity,” said Jim Lippie, CEO, SaaS Alerts. “The loss, theft or corruption of mission-critical or sensitive customer data can be operationally and financially troublesome for SMBs that depend on continuous and unrestricted business operations to bolster revenues which have been the target of threat actors for years. We offer this useful threat level breakdown to assist businesses and the MSPs that support them with highly accurate insights about the security landscape they reside in.”

MSPs have recently become more concerned with the security management and compliance of SaaS platforms that SMBs use. Protection of both the SaaS application and data are critical and must receive SaaS-optimized security controls. Building a security-minded employee culture that centers on security controls is an absolutely must, according to SaaS Alerts. SaaS-native cyber defenses and procedural compliance can play a significant role in reducing the risk of a successful attack.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Allison Francis or connect with her on LinkedIn.
Tags: MSPs Cloud Service Providers Strategy Channel Research Security

Most Recent


  • Dell Responds to Critics, Reaffirms Commitment to ‘Partner-First’ Strategy
    Channel exec Diego Majdalani says partner-first for storage is here to stay, but will it expand to the rest of the business?
  • Monthly recurring revenue
    3 Tips for Adding the Right Kind of Recurring Revenue
    Not all recurring revenue is created equal.
  • Trend Micro Partner Program Gets Big Redesign
    The program is built around the Trend Micro One platform.
  • CEO Steve Brazier at Canalys Channels Forum EMEA 2023
    Canalys Channels Forum EMEA 2023: Vendors Ask Channel for Help During Economic Slowdown
    Channel partners are thriving as IT vendors continue to move to "partner-first" to navigate a tough economy, says Canalys.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Making Waves
    7 Channel People Making Waves at IBM, Trend Micro, Check Point, More
  • Blackjack Double Down
    Cisco Doubles Down on Managed Services, Fastest Growing Route to Market
  • St. Basil's Cathedral, Moscow, Russia
    All Major U.S. Cloud Providers Have Stepped Back from Business in Russia
  • sd-wan
    Cisco Tops Fortinet, VMware in Latest SD-WAN Study

Upcoming Events

View all

Channel Futures Leadership Summit

October 30, 2023 - November 2, 2023

Channel Partners Conference & Expo

March 11, 2024 - March 14, 2024

Channel Futures Leadership Summit 2024

September 17, 2024 - September 19, 2024

Galleries

View all

Channel People on the Move: HP, 8×8, Five9, Nitel, RapidScale, More

October 3, 2023

7 Trends Impacting Ingram Micro Partners: Marriage of AI, Data Looms Large

October 2, 2023

Nutanix Partner Program Sees More Changes, Vendor Touts ‘Channel-Led’

October 2, 2023

Industry Perspectives

View all

Partners Balance Multicloud Opportunity, Complexity

September 25, 2023

Why Conversational AI Matters for Your Customers and How It Can Boost Your Revenue

September 15, 2023

The 5 Ds that Lead to Unplanned Business Sales

September 13, 2023

Webinars

View all

MSP 501: Leadership in Cybersecurity

October 19, 2023

DE&I: Find the Balance that Works for You

September 7, 2023

Above and Beyond with the NextGen 101ers

August 30, 2023

White Papers

View all

6 UCaaS Reseller Challenges and How Real World Businesses Solved Them

February 1, 2023

Frost Radar: North American UCaaS Market, 2022

February 1, 2023

The Complete Guide to White-Label UCaaS for Reseller Success

February 1, 2023

Channel Futures TV

View all

Coffee with Craig and James Episode 129: ZLH Enterprises

Coffee with Craig and James Episode 128: Channel Partner Strategies Intelligence Service

August 25, 2023

Coffee with Craig and James Episode 127: Expereo, Movie Night Returns

August 18, 2023

Coffee with Craig and James Episode 126: ARG

July 28, 2023

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X