
SaaS Security Breaches Surge, Prompting Urgent Defense Measures

Updated on July 2, 2024



The increasing adoption of cloud-based Software as a Service (SaaS) applications across enterprises has intensified security concerns, particularly following recent breaches.

A recent report by Thales highlights that SaaS applications have become the primary target for cyber attacks (31%), followed by cloud storage and cloud management solutions. With more than half of organizations reportedly using over 25 SaaS applications, securing these services has become highly complex, posing a significant challenge for security teams.


Widely used SaaS applications include Microsoft 365, Snowflake, Databricks, Salesforce, and Google Workspace. As nearly half of corporate data in the cloud is deemed sensitive, the increased usage of these applications has expanded the attack surface, making them more attractive to cybercriminals.

Glenn Chisolm, Co-Founder of Obsidian, comments on the situation: “Having handled hundreds of SaaS incidents with our incident response partners, we see SaaS threats becoming a rising concern for organizations. SaaS breaches have grown fourfold in the last year. Identity factors account for over 80% of these breaches, driven by attacks like help desk social engineering, self-service password resets, or attacker-in-the-middle tactics.”

Issues with configuration, data security, and governance gaps are among the key contributors to these breaches. In light of these significant security challenges, the need for robust identity management practices and increased oversight cannot be overstated.

TeamViewer, a prominent provider of remote access and control software, has confirmed a data breach attributed to the hacker group Midnight Blizzard. The breach stemmed from an employee’s compromised credentials, emphasizing the importance of identity security for SaaS applications.


Glenn Chisolm emphasized the role of identity compromise in such incidents, stating: “Identity compromise is a critical component in most breaches we see, accounting for over 80% of SaaS breaches.”

To mitigate the risk of identity compromise, Chisolm advises organizations to follow three core steps: centralize identity access behind an Identity Provider (IdP), ensure federated access with multi-factor authentication (MFA), and diligently monitor employee accounts for abnormal activities. These measures are crucial in protecting against threats such as spear-phishing and attacker-in-the-middle phishing.

In another recent breach, Rabbit, the artificial intelligence device, has come under scrutiny for a serious security flaw discovered in its system. A group of researchers, known as Rabbitude, found that the device contained hardcoded API keys, raising significant security risks. The investigators revealed that the keys, particularly those related to the ElevenLabs API, allowed potential access to all responses ever given by the R1 devices.

Richard Bird, Chief Security Officer at Traceable AI, remarked: “The power of APIs to create value and business benefit is clearly running headlong into a series of security problems that haven’t been fixed for years. Basic key management issues are proving to be an enormous Achilles’ heel for companies.”

Tyler Shields, VP of Product Marketing at Traceable AI, echoed these concerns, noting the criticality of authentication and authorization in API security. “Hardcoding keys into software is a recipe for disaster as it’s only a matter of time before attackers reverse engineer those tokens,” said Shields.

The growing number of high-profile breaches underscores the urgent need for advanced security measures, including identity security and authentication, as well as industry-wide cooperation to strengthen defenses against increasingly sophisticated cyber threats.


Abdul Rehman

Abdul is a tech-savvy, coffee-fueled, and creatively driven marketer who loves keeping up with the latest software updates and tech gadgets. He's also a skilled technical writer who can explain complex concepts simply for a broad audience. Abdul enjoys sharing his knowledge of the Cloud industry through user manuals, documentation, and blog posts.
