SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Breach Prevention
#
Cybersecurity
#
Email Security
Sophos 2024 report reveals top cybersecurity threats to SMBs
Thu, 14th Mar 2024
Author image
By Catherine Knowles, Journalist
Follow us

Global cybersecurity company, Sophos, has published its annual 2024 Sophos Threat Report which unveils the foremost threats targeted at small and medium-sized businesses (SMBs). The report draws on insights from over 1500 malware detections for SMBs across SophosLabs, Managed Detection and Response (MDR), and Incident Response (IR).

The report disclosed that almost half (50%) of the malware detected against SMBs in 2023 consisted of keyloggers, spyware, and stealers. These particular types of malware are often used by cyber criminals to snatch data and digital credentials, for instance, logging a user's keystrokes to steal passwords or other sensitive information.

Additional findings of the report suggest that ransomware developers persist in altering their attack tactics, utilising remote encryption and increasingly, setting their sights on managed service providers (MSPs). Between 2022 and 2023, there was a 62% increase in ransomware attacks involving remote encryption. In the past year alone, Sophos's MDR team responded to five cases where small businesses were assaulted via an exploit in their MSPs' remote monitoring and management (RMM) software.

Second to ransomware, business email compromise (BEC) attacks emerged as the next highest type of assault that Sophos IR handled in 2023. The report noted an evolution in attacker relationship with their targets, with a sequence of conversational emails being exchanged or sometimes even phone calls made.

The value of 'data' has skyrocketed among cyber criminals, especially in relation to SMBs," said Christopher Budd, director of Sophos X-Ops research at Sophos. "There's a reason that more than 90% of all cyberattacks reported to Sophos in 2023 involved data or credential theft, whether through ransomware attacks, data extortion, unauthorized remote access, or simply data theft."

The report also revealed that while the number of ransomware attacks remains stable it is persistently the biggest cyber threat to SMBs. The Sophos Incident Response (IR) has flagged that LockBit was the most aggressive ransomware group of 2023, with Akira and BlackCat close behind. In addition, the report brought to light ongoing hits from older, lesser-known ransomware like BitLocker and Crytox.

A growing sophistication among cyber criminals was also detected, with an increasingly elaborate approach taken towards business email compromise (BEC) attacks and other social engineering endeavours. Many are now choosing to engage targets through a back-and-forth exchange of emails or even phone calls. Furthermore, to avoid traditional spam prevention tool detection, cyber criminals are experimenting with new malicious content formats.

The 2024 Sophos Threat Report paints a clear picture of the fluidity of the threat landscape and the speed at which tactics evolve. SMB's are encouraged to take relevant precautions to mitigate the risks unveiled by this report.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Trend Micro introduces AI-driven cyber risk management features
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds