Small businesses are still a prime target for cybercrime, with ransomware remaining a primary existential cyber threat to SMEs.
According to the Sophos Security Operations Threat Research Annual Threat Report, ransomware cases accounted for 70% of Sophos Incident Response cases for small business customers in 2024 – and over 90% for midsized organizations (from 500 to 5000 employees).
Ransomware and data theft attempts accounted for nearly 30% of all Sophos Managed Detection and Response (MDR) tracked incidents (in which malicious activity of any sort was detected) for small and midsized businesses.
While ransomware attacks overall have declined slightly year over year, the cost of those attacks overall has risen, based on data from Sophos’ State of Ransomware report. And, although many of the threats observed in 2024 were familiar in form, other data-focused threats continue to grow, and new tactics and practices have emerged and evolved:
- Compromised network edge devices – firewalls, virtual private network appliances, and other access devices – account for a quarter of the initial compromises of businesses in cases that could be confirmed from telemetry, and is likely much higher.
- Software-as-a-service platforms, which were widely adopted by organizations during the Covid pandemic to support remote work and to improve overall security posture, continue to be abused in new ways for social engineering, initial compromise, and malware deployment.
- Business email compromise activity is a growing proportion of the overall initial compromises in cybersecurity incidents – leveraged for malware delivery, credential theft, and social engineering for a variety of criminal purposes.
- One of the drivers of business email compromise is the phishing of credentials with adversary-in-the-middle multifactor authentication (MFA) token capture, a constantly evolving threat.
- Fraudulent applications carrying malware, or tied to scams and social engineering through SMS and messaging applications, lead to mobile threats for small and midsize businesses.
- Other less-technical threats leveraging the network continue to be a threat to small businesses, again with evolving patterns of scams.
Article by Sean Gallagher