Sophos reveals ransomware still top cyber threat to small businesses | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

According to the latest findings from cybersecurity solutions provider Sophos, ransomware remains a top threat to small and medium-sized businesses (SMBs), despite some stabilization in incident rates.

The Sophos report identifies Lockbit as the primary ransomware group targeting SMBs, with Akira, BlackCat, BitLocker, and Crytox also posing threats. 

“The value of ‘data,’ as currency has increased exponentially among cybercriminals, and this is particularly true for SMBs, which tend to use one service or software application, per function, for their entire operation,” Christopher Budd, director of Sophos X-Ops research at Sophos, said in a media release.

Sophos: Cybercriminals run contests to advance techniques
Sophos expects more AI-based cyber attacks

Aside from ransomware, Sophos reports a surge in Business Email Compromise (BEC) attacks, which accounted for the second-highest incident volume in 2023. These attacks exhibit heightened sophistication, with cybercriminals engaging targets through conversational emails and employing evasion tactics such as embedding malicious code within images or utilizing alternative attachment formats like OneNote or archives.


Cybercriminal tactics continue to evolve, with an increase in remote encryption attacks targeting managed service providers (MSPs). Sophos observed a 62% rise in ransomware attacks involving remote encryption between 2022 and 2023. The report also highlights instances where SMBs fell victim to exploits in their MSPs’ remote monitoring and management (RMM) software.

Malware detection trends reveal a significant proportion (nearly 50%) attributable to keyloggers, spyware, and data stealers, emphasizing the persistent threat to sensitive data and credentials.

Sophos’ monitoring efforts also unveiled a concerning trend wherein initial access brokers (IABs) leverage the dark web to procure clients, offering services to infiltrate SMB networks, further highlighting the multifaceted challenges faced by organizations in safeguarding their digital assets.

Budd underscores the pervasive nature of data and credential theft, citing over 90% of cyberattacks reported to Sophos in 2023 involving these elements, whether through ransomware, data extortion, unauthorized access, or straightforward data theft.


Click Here For The Original Source.


National Cyber Security