https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity, Equity & Inclusion
  • MSP 501
    • Back
    • MSP 501 Information Center
    • 2021 MSP 501 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • DE&I 101
    • Top Gun 51
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Channel Research


Shutterstock

SMB Cyberattacks Originating from Russia and China On Rise, Says SaaS Alerts Data

  • Written by Allison Francis
  • March 8, 2022
The company’s just-released security insights report reveals top SaaS applications and data targeted by bad actors.

SaaS Alerts has uncovered that the majority of attacks on SaaS platforms such as Microsoft 365, Google Workspace, Slack and Dropbox originate from Russia and China. These findings are detailed in the company’s newly released, semiannual SaaS Application Security Insights (SASI) Report. 

The report analyzes approximately 136 million SaaS security events across 2,100 small and medium businesses (SMBs) globally. It also identifies cyber trends that are negatively impacting businesses.

The findings of the report take into account security events occurring across more than 120,000 user accounts in 2021. The data can aid providers who are managing a portfolio of SaaS applications. This will arm them with important data and trends to support defensive IT security realignments as needed, the company said.

Rise in SaaS Platforms Attacks

Over the last several weeks, SaaS Alerts has seen an uptick in activity from countries with consistently high attack levels. These are, of course, Russia and China. The significant amount of data analyzed suggests these countries may even be coordinating attack efforts. Analysis shows that attack trend lines comparing Russia and China show almost the exact same pattern.

According to the Brookings Institute, “The U.S. National Security Strategy declares Russia and China the two top threats to U.S. national security. At the best of times, U.S.-Russia ties are a mixture of cooperation and competition, but today they are largely adversarial… Russia’s increasingly close relationship with China represents an ongoing challenge for the United States. While there is little that Washington can do to draw Moscow away from Beijing, it should not pursue policies that drive the two countries closer together, such as the trade war with China and rafts of sanctions against Russia.” 

During the course of 2021, SaaS Alerts monitored more than 136 million SaaS platforms/security events. During this time, the company collected and analyzed the anonymous SaaS application security data. The idea was to identify a breakdown of cyberattacks on the most popular SaaS applications in use by SMBs today.

Key Findings of the Report

  • On average, SaaS Alerts is seeing approximately 10,000 “brute force” attacks per day against the user accounts monitored by SaaS Alerts.
  • Current data indicating that attempted unauthorized logins are coming from actors located in China, Vietnam, Russia, Korea and Brazil.
  • Successful unauthorized logins are originating in Russia, China, Vietnam, Korea and Brazil. These are countries where an actor has successfully logged in using a valid user’s credentials.
  • The report finds that the three most common critical SaaS application security alerts stem from:
    • “User Location Outside Approved Location”: an alert which is triggered when there’s a successful login to a user account from outside of an approved location or an approved IP address range.
    • “SaaS Integration”: which indicates that account credentials have been used to connect to a third-party application which may lead to data and other account information sharing between SaaS apps. Users often establish these connections for convenience without consideration to potential security violations.
    • “Multiple Account Lockouts”: recorded when an account is locked out four or more times within a 12-hour period. This often indicates that malicious actors are actively (typically programmatically) trying password combinations to gain access to the account and have succeeded in validating a correct account name.

The SMB Security Plight

SaaS Alerts' Jim Lippie

SaaS Alerts’ Jim Lippie

“In the uncertain cyber climate we all reside in today, detailed SaaS security oversight and robust defenses are a requirement for ensuring high resiliency and business continuity,” said Jim Lippie, CEO, SaaS Alerts. “The loss, theft or corruption of mission-critical or sensitive customer data can be operationally and financially troublesome for SMBs that depend on continuous and unrestricted business operations to bolster revenues which have been the target of threat actors for years. We offer this useful threat level breakdown to assist businesses and the MSPs that support them with highly accurate insights about the security landscape they reside in.”

MSPs have recently become more concerned with the security management and compliance of SaaS platforms that SMBs use. Protection of both the SaaS application and data are critical and must receive SaaS-optimized security controls. Building a security-minded employee culture that centers on security controls is an absolutely must, according to SaaS Alerts. SaaS-native cyber defenses and procedural compliance can play a significant role in reducing the risk of a successful attack.

Want to contact the author directly about this story? Have ideas for a follow-up article? Email Allison Francis or connect with her on LinkedIn.
Tags: Cloud Service Providers MSPs Channel Research Security Strategy

Most Recent


  • Making Waves
    8 Channel People Making Waves This Week at Avant, Cisco, Databricks, More
    We reported on the same story three times this week because of its importance to the channel. Can you guess which topic?
  • Given the large and rapid influx of service providers selling Versabased services as well as several new reseller partners my biggest challenge is scaling and integrating strong channelsmart talent at the rate that our business is growing
    Talent Shortage Ripple Effects Continue to Create Headaches for Partners
    As many MSPs deal with continuing hiring shortages, there is a growing need to find and retain the right talent.
  • Choice of direction
    New Charter Focuses on the Entrepreneur Journey with Different M&A Strategy
    The portfolio company of private equity firm Oval Partners has a unique model in a continually fluctuating landscape.
  • audience
    The Gately Report: Sectigo Enterprise Sales Leader Calls for More Women in Cybersecurity
    This week marks the fifth anniversary of the massively destructive WannaCry ransomware.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Making Waves
    7 Channel People Making Waves at IBM, Trend Micro, Check Point, More
  • Blackjack Double Down
    Cisco Doubles Down on Managed Services, Fastest Growing Route to Market
  • St. Basil's Cathedral, Moscow, Russia
    All Major U.S. Cloud Providers Have Stepped Back from Business in Russia
  • sd-wan
    Cisco Tops Fortinet, VMware in Latest SD-WAN Study

Upcoming Events

View all

Channel Partners Europe

June 14, 2022 - June 15, 2022

MSP Summit

September 13, 2022 - September 16, 2022

Galleries

View all

8 Channel People Making Waves This Week at Avant, Cisco, Databricks, More

May 13, 2022

Talent Shortage Ripple Effects Continue to Create Headaches for Partners

May 13, 2022

The Gately Report: Sectigo Enterprise Sales Leader Calls for More Women in Cybersecurity

May 13, 2022

Industry Perspectives

View all

Voice Analytics Are a Must-Have as Companies Evolve COVID-Rushed Tech

May 12, 2022

Top 5 Trends and Challenges Channel Partners Are Facing in 2022

May 9, 2022

Understanding Compliance for MSPs

May 3, 2022

Webinars

View all

Simplifying SaaS Security for MSPs

April 27, 2022

How to Supercharge The Network to Support Your IT Superhero Moves

May 3, 2022

The 2022 MSP Challenge: Scale Service Delivery Despite the Talent Gap

April 21, 2022

White Papers

View all

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

The AT&T Cybersecurity Incident Response Toolkit

April 4, 2022

Channel Futures TV

View all

AT&T, Microsoft, Cisco, ThreatLocker on Unlocking Partner Potential

Agents Share ‘Secrets,’ Industry Opportunity

May 11, 2022

Vonage Addresses Potential Partner Opportunity via Acquisition by Ericsson

May 5, 2022

Lumen Technologies ‘Built for Growth and Scale’

May 4, 2022

Twitter

ChannelFutures

As many MSPs deal with continuing hiring shortages, there is a growing need to find and retain the right talent.… twitter.com/i/web/status/1…

May 13, 2022
ChannelFutures

New Charter is focusing on the entrepreneur journey and has a unique snap-up model/strategy. dlvr.it/SQK8Jn https://t.co/kZ69jpi4AA

May 13, 2022
ChannelFutures

Free Live DE&I Webinar: “Shared Language: Inclusion Culture’s Secret Weapon” dlvr.it/SQK1bt https://t.co/837MHLLgG1

May 13, 2022
ChannelFutures

We talk to a @net2phone SVP about a recent acquisition, the company's push into Latin America and the future of the… twitter.com/i/web/status/1…

May 13, 2022
ChannelFutures

Our latest Gately Report includes @SectigoHQ on women in #Cybersecurity, @AWNetworks, @Secureworks tracking Iranian… twitter.com/i/web/status/1…

May 13, 2022
ChannelFutures

Read about how @ZayoGroup is expanding its network and refining its operations. dlvr.it/SQG8xn https://t.co/q5UYQvLr6v

May 12, 2022
ChannelFutures

[email protected] published a 29-page report on employer responsibility to employee mental health. Here are 10 takea… twitter.com/i/web/status/1…

May 12, 2022
ChannelFutures

.@Egnyte makes significant boosts to #partnerprogram to support channel community based on feedback from active par… twitter.com/i/web/status/1…

May 12, 2022

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X