A recent report by cybersecurity firm Sophos has identified the absence of proficient security operations staff as a leading factor behind the escalating cyber attacks targeting small and medium-sized businesses (SMBs).
The report found that nearly 50 percent of malware detections for SMBs were keyloggers, spyware, and stealers, malicious software that attackers use to steal data and credentials.
Hackers exploit stolen data for various malicious activities, including launching ransomware attacks, blackmailing victims, and gaining illicit remote access. Despite SMBs recognizing the significance of data protection, they often rely on a single software application or service for all business functions, as highlighted in the report.
For instance, in a hypothetical scenario outlined by the report, attackers could deploy an infostealer to pilfer credentials, subsequently gaining access to the company’s accounting software. This breach could enable attackers to manipulate the targeted company’s financial records and siphon funds into their accounts.
The report emphasized that over 90 percent of cyber attacks reported to Sophos in 2023 involved data or credential theft, underscoring the pervasive nature of this threat.
Regarding the most significant cyber threat to SMBs, Sophos identified LockBit as the top ransomware gang causing havoc, followed by Akira and BlackCat. The report also highlighted attacks by older ransomware variants like BitLocker and Crytox, indicating the evolving tactics employed by ransomware operators.
Furthermore, Sophos noted a surge in ransomware attacks involving remote encryption, in which attackers use unmanaged devices on organizations’ networks to encrypt files on other systems. Such attacks increased 62 percent between 2022 and 2023.
Following ransomware, business email compromise (BEC) attacks emerged as the second-highest type of cyber attack faced by SMBs in 2023, according to the report.