Half of ransomware attacks target SaaS data

Odaseva, enterprise data platform for Salesforce, found that more than half of all ransomware attacks in the last 12 months targeted SaaS data.

Odaseva enterprise data protection platform for Salesforce, today released the findings of a global survey that shows that organisations are largely unprepared for ransomware attacks on their data stored in SaaS platforms. Attacks on SaaS data are an increasingly common cybersecurity target, and they succeed in encrypting SaaS data half the time, leaving only half of the victims able to fully recover. Differentiating from other ransomware studies, the survey queried senior data professionals at large enterprises of 10,000 employees or more. 

Ransomware attacks are successfully targeting both SaaS and cloud data 

  • The survey reveals that almost half (48%) of organisations have experienced a ransomware attack over the past 12 months, and SaaS data was the target of more than half of them (51%).  
  • Data in public infrastructure clouds like Amazon Web Services, Microsoft Azure and Google Cloud was the No. 1 target, while endpoints, such as laptops and mobile devices, (61%) and on-premises data (56%) came in at No. 2 and No. 3, respectively. 
  • Ransomware attacks on SaaS data were the most likely to be successful however, with 52% of them penetrating enterprise defenses to encrypt the data.  
  • Attacks targeting data in public infrastructure clouds, on the other hand, were only successful 42% of the time. 
  • On-premises and endpoint data attacks were successful 46% and 51% of the time, respectively. 

Only half of enterprises fully recover from ransomware attacks on SaaS data  

  • Only half (50%) of organisations whose SaaS data was successfully attacked were able to fully recover their data, the lowest rate of all environments, highlighting the urgent need for enterprises to implement an effective SaaS data protection solution 
  • More than eight in 10 (81%) organizations were able to recover all their data from a successful attack on on-premises data, while just over half were able to fully recover endpoint (55%) and public cloud (53%) data. 

Most enterprises do not fully back up all their SaaS data 

  • While all companies reported they had some form of SaaS backup, only 43% said they backed up all of their SaaS data, which leaves 57% of companies at least partially unprotected. Similarly, 59% of enterprises don’t protect all of their data in public infrastructure clouds.  
  • Unsurprisingly then, managers and executives at only 28% of organisations are “very” confident about their ability to recover after a cloud or SaaS ransomware attack, with 69% saying they are “somewhat” confident.  

“Especially given how heavily modern enterprises depend on SaaS and cloud apps and data, it was shocking to see that the majority of organisations are not protecting all of their data, leaving it unprotected against a ransomware attack,” said Remy Claret, CMO and co-founder at Odaseva. 

Complex data recovery processes are the No. 1 concern for protecting SaaS data 

  • When asked why they are concerned about their ability to recover, organisations are most concerned that their recovery process for SaaS data is so complex, they could not get up and running quickly following a successful attack (69%). They are also concerned that a single user becoming infected could sync the malware into the entire system (56%).  
  • Regarding vectors of attack on SaaS data, their top concerns are stolen user credentials (67%) and malicious or vulnerable third party apps (58%).  

“As companies increasingly turn to SaaS applications to run mission-critical business processes, cybercriminals have taken note,” Claret said. “SaaS data is targeted in more than half of all ransomware attacks, and half the time, these attacks are successful. Organisations need to protect their SaaS data with comprehensive backups, but just as important, they need to ensure they are able to recover that backed up SaaS data quickly enough to avoid damage to the business.” 

The survey was commissioned by Odaseva and fielded by Dimensional Research in August 2022. Independent sources of data stakeholders were invited to participate, resulting in responses from  157 executives or team managers with decision making responsibility for public cloud and SaaS environments from North America, EMEA and APAC completed the survey. All had decision making responsibility for data solutions for both IaaS and SaaS cloud environments. All worked for a company with more than 10,000 employees. 


Featured Articles

The impact data poisoning has on cyber and AI

We take a look at why the risks of data and AI poisoning is continuing to wreak havoc on the cybersecurity industry

Five innovative ways AI can help prevent cyber attacks

A cyber hack at Okta put businesses on high alert, and here, we examine how AI can help prevent future breaches

SailPoint delivers new non-employee risk management solution

The new capability will help organisations manage non-employees while also supporting regulatory compliance requirements and reducing third-party risk

Akamai shares details of Asia’s record-breaking DDoS attack

Network Security

Vive la France and Cyberscore Law is rallying cry for Europe

Operational Security

(ISC)² signs MOU with UAE to train nation’s cyber workforce

Operational Security