2024 Sophos Threat Report reveals ransomware as a major cybersecurity concern for small businesses

2 Mins read
small businesses

Over 90% of global businesses are small and medium-sized enterprises (SMEs), constituting over half of the world’s employment opportunities. Moreover, these SMEs also bear the brunt of cyber threats, being more susceptible to cyberattacks and experiencing greater proportional impacts. Factors such as a shortage of skilled security personnel, inadequate investments in cybersecurity, and limited IT budgets exacerbate their vulnerability. Consequently, when targeted by cybercriminals, the costs of recovery can be so crippling that many SMEs face the risk of closure.

According to the 2024 Sophos Threat Report, ransomware remains the most impactful cyber threat to smaller entities. Specifically, LockBit ransomware emerged as the primary threat in small business security cases handled by Sophos Incident Response in 2023. Moreover, there was a notable uptick in the use of remote execution tactics, whereby unmanaged devices within organizational networks were leveraged to target and encrypt files across interconnected systems.

Ransomware categories

Beyond ransomware, the report highlights various other cybersecurity challenges confronting small businesses, with data protection standing out as a primary concern. Data or credential theft, encompassing ransomware attacks, data extortion, unauthorized remote access, and outright data theft, accounted for over 90% of reported cyber incidents.

Business email compromise (BEC) poses another significant threat, involving cybercriminals taking control of email accounts to perpetrate fraud or other malicious activities. Additionally, malware attacks, particularly those targeting sensitive data, continue to proliferate, with a substantial portion categorized as “stealers,” designed to pilfer credentials, browser cookies, and keystrokes for illicit gain.

Ransomware categories

The pervasive use of Malware as a Service (MaaS) further exacerbates the threat landscape, facilitated by underground marketplaces where cybercriminals acquire malware delivery frameworks. Initial access to systems is often through phishing emails, malicious attachments, exploitation of software vulnerabilities, fake software updates, or abuse of Remote Desktop Protocol (RDP) and credential theft.

Furthermore, attackers have increasingly turned to web-based malware distribution channels, such as malvertising and malicious search engine optimization, to bypass traditional security measures.

Unprotected devices connected to organizational networks, including unmanaged computers and outdated software systems, represent prime targets for cybercriminals seeking to infiltrate small businesses. Attackers have also exploited vulnerabilities in drivers, often using legitimate but vulnerable drivers or malicious ones signed with stolen or fraudulently obtained certificates, to circumvent malware defenses.

Moreover, email attacks have evolved to include more sophisticated techniques, such as engaging targets in extended email threads to enhance the credibility of malicious lures. Similarly, attacks on mobile device users have surged, encompassing a range of scams tied to third-party services and social media platforms, ultimately impacting individuals and small businesses alike.

Conclusion: As the digital threat landscape evolves, staying ahead requires a proactive approach and a commitment to comprehensive protection. Effective defense strategies in 2024 demand constant monitoring, swift response times, and robust cybersecurity measures. Small businesses may be the targets, but with the right defenses, they can thwart cybercriminals and safeguard their operations.


Read next: Two-thirds of Indian employees predict a surge in international collaboration in the coming year, says Capterra Study

Leave a Reply

Your email address will not be published. Required fields are marked *

× 5 = 40