SaaS Apps Increasingly Used for Malware Downloads

SaaS Apps Increasingly Used for Malware Downloads

Feb 19, 2024 | Cybersecurity, Computer Support

As the popularity of SaaS apps continues to grow, security analysts expect the misuse of such apps as the host for malware downloads to continue to rise through 2024. Cloud-based SaaS applications have long been used to host impersonated websites and malicious downloads. By co-opting the credibility of such sites, the cybercriminal can often evade cybersecurity protections. As more and more organizations are relying on on SaaS applications to boost productivity, it’s clear that these are serious threats. And according to Netskope’s Cloud and Threat Report 2024, cybercriminals are taking advantage of this trend to increase their chances of a successful attack.

SaaS use Continues to Grow

How quickly is SaaS app usage is increasing? According to the report, a user generated an average of around 1,000 activities per month in 2022. Today, half of all enterprise users generate from 600-5,000 per month, and the median number of activities per month is nearly double the number in 2023. We’re also seeing early adopters and power users generating extremely large numbers of SaaS activities.

Source: Netskope

What SaaS Apps are Most Frequently Used for Distributing Malware?

The top SaaS apps are OneDrive, Google Drive, SharePoint, Google Cloud Storage and Amazon S3. Because they’re so ubiquitous in the business world, security solutions see these apps being used and will tend to downplay the risk in any download traffic from these and other popular SaaS apps. Imagine how inconvenient it would be if your security solution just outright blocked your access to Microsoft 365!

For the last year, downloads of malware that originated from within SaaS apps has steadily remained above 50%. Analysts at Netskope expects this trend to continue throughout 2024 and expect it to push closer toward 60%.

Source: Netskope

Put this together, and you quickly realize three things:

  • Security solutions need to scan anything that comes into the system, even if it comes from a legitimate SaaS app. The use of these attack vectors is growing.
  • SaaS vendors need to do a better job ensuring that their platforms are not used to host malicious attacks.
  • Users need to be vigilant with their interactions – even if a link points to a legitimate SaaS app.

How to Protect Your Organization from Malware Distributed by SaaS Applications

Inacom offers Security Awareness Training via our partnership with KnowBe4. This program can help teach your users how to spot attacks hosted on SaaS platforms. We offer competitive pricing that is below what you can find from KnowBe4 and most other partners. If you’d like to get a free baseline assessment of your organization, give us a call at 410.5438.200 to learn more.

Travis Fisher

Travis is Inacom’s Executive Vice President, tasked with assisting customers with their web based marketing initiatives. He’s kinda famous for his BBQ. He lives in Easton, MD with his amazing wife, two kids, and two dogs.


Looking For a great IT service provider?

Recent Posts