Ransomware attacks targeting companies’ business data have become all too common, making headlines around the world. A global survey conducted in August 2022 revealed that large enterprises are not fully prepared for such attacks. That’s a real problem, as ransomware attacks on mission-critical SaaS data are increasingly frequent and successful, and recovery is often difficult, incomplete, and time-consuming. 

With large enterprises increasingly relying on cloud infrastructure, organizations that fail to prioritize data protection can be vulnerable to ransomware attacks on their SaaS data. 

What is ransomware?

Ransomware is malware that denies the user or organization access to their device and files until they pay a ransom to the attacker. 

These attacks can cause significant damage to the targeted organization. Companies must either pay the ransom or lose access to critical business data which results in embarrassing and costly downtime. 

SaaS data – not SaaS platforms – are the target 

Before we dive into the research, it’s important to note that while the SaaS platform itself is a highly unlikely potential victim of a ransomware attack, SaaS data can be targeted. The SaaS platform’s strict technical controls are simply too difficult to penetrate, however SaaS data can be attacked through phishing, malware, API key leaks, or other malicious methods. Attackers can then use the SaaS platform’s API to export the data and overwrite it with an encrypted version. To obtain the decryption key, victims must pay a ransom. 

The state of SaaS ransomware preparedness in 2022

Odaseva partnered with Dimensional Research®, an independent research firm specializing in enterprise technology, to conduct a global survey in August 2022 in which executives and managers of companies with more than 10,000 employees responded to how ransomware attacks affected their organization’s SaaS data. 

The survey results revealed surprising findings about three aspects of a ransomware attack against SaaS data: the threat, the recovery, and the prevention. Below is a quick look at the highlights. If you’d like to gain insights into the complete findings, download the full report “The State of SaaS Ransomware Attack Preparedness,” and register for our upcoming webinar to see experts discuss the findings.

The Threat

Survey respondents reported that ransomware attacks targeted data in different types of environments, but ransomware attacks on SaaS data succeeded more than attacks on any other environment.

Odaseva’s Chief Marketing Officer and co-founder Remy Claret explains that “as companies increasingly turn to SaaS applications to run mission-critical business processes, cybercriminals have taken note. SaaS data is targeted in more than half of all ransomware attacks, and half the time, these attacks are successful.” 

The Recovery

SaaS data lost in a ransomware attack was least likely to be fully recovered, highlighting the need for an effective backup and restore solution. And when the SaaS data could be completely recovered, it took days, weeks, or even months. That’s an intolerable amount of time to suffer from an interruption in business continuity.

The Prevention 

Given the often mission-critical nature of SaaS data, large enterprises must understand the risk of ransomware attacks and protect their data against this increasingly common and damaging threat.

“Organizations need to protect their SaaS data with comprehensive backups, but just as important, they need to ensure they are able to recover that backed up SaaS data quickly enough to avoid damage to the business,” said Remy. “Especially given how heavily modern enterprises depend on SaaS and cloud apps and data, it was shocking to see that the majority of organizations are still not protecting all of their data, leaving it unprotected against a ransomware attack.”

While this report highlights the current state of SaaS ransomware attacks and preparedness, there is good news when it comes to prevention. Enterprises can protect SaaS data against ransomware attacks if they have the right data protection plan in place, including a backup and restore solution designed specifically for their needs.

To learn more about ransomware attacks on SaaS data, you can download the full report here. We’re also hosting a webinar, The State of SaaS Ransomware Attack Preparedness, on October 5th where experts discuss the findings. Register today – if you can’t attend, we’ll send you a recording after the event.