As the popularity of SaaS apps continues to grow, security analysts expect the misuse of such apps as the host for malware downloads to continue to rise through 2024.
I’ve provided plenty of examples on this blog of threat actors using cloud-based SaaS applications to host impersonated websites and malicious downloads. The credibility of such sites aids the cybercriminal, as traffic to and from reputable sites have a tendency to get past security solutions.
So, what happens when organizations increasingly rely on SaaS applications? According to Netskope’s Cloud and Threat Report 2024, cybercriminals take advantage of this trend to increase their chances of a successful attack.
SaaS app usage is increasing. According to the report, two years ago, a user generated an average of around 1,000 activities per month on SaaS apps. Today, half of all enterprise users generate from 600-5,000 per month.
Source: Netskope
The top SaaS apps are OneDrive, Google Drive, SharePoint, Google Cloud Storage and Amazon S3. What makes these of interest is that security solutions see these apps being used and will tend to downplay the risk in any download traffic from these and other popular SaaS apps.
And over the last year downloads of malware that originated from within SaaS apps has steadily remained above 50%. Analysts at Netskope expects this trend to continue throughout 2024 and expect it to push closer toward 60%.
Source: Netskope
Put this together, and you quickly realize two things: First, security solutions need to be laser focused on anything that comes from even a legitimate SaaS app, since the trend seems to be growing. And second, users need to be vigilant with their interactions – even if a link points to a legitimate SaaS app – something taught with new-school security awareness training.
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.
Here's how it works:
