The 2024 Sophos Threat Report has underscored the vulnerability of small businesses to cyberattacks, with over 75 percent of customer incident response cases addressed by Sophos’ X-Ops Incident Response service targeted at small enterprises.
Authored by Sean Gallagher, Anna Szalay, Andrew Brandt, and Chester Wisniewski, the Sophos Threat Report 2024 sheds light on the escalating cyber threats faced by smaller organizations, drawing from data collected from these cases alongside telemetry from users of Sophos’ small- and medium-sized business protection software.
Ransomware emerges as a top menace for small entities, with a sustained impact highlighted in the report. However, the threats extend far beyond ransomware, with data theft looming as a significant peril. Malware primarily focuses on pilfering sensitive data, comprising password stealers, keyboard loggers, and spyware, accounting for nearly half of malware detections.
Moreover, attackers are employing sophisticated techniques such as web-based malware distribution through malvertising and malicious search engine optimization, exploiting unprotected devices connected to organizational networks. The abuse of drivers, alongside evolving email attack strategies, further exacerbates the risk landscape for small businesses.
Mobile device users haven’t been spared either, with social engineering-based scams witnessing exponential growth, afflicting both individuals and small enterprises. The report underscores that the paramount challenge faced by small businesses, irrespective of their size, is safeguarding data, with over 90 percent of attacks involving data or credential theft.
Of particular concern is the surge in business email compromise (BEC) incidents, surpassing other forms of cyber incidents except ransomware. Stolen credentials, including browser cookies, fuel these compromises, often leading to unauthorized access to critical systems and services.
The report highlights the relentless nature of malware, with a significant proportion dedicated to data theft. Notably, ransomware continues to pose a severe threat, especially to small businesses, with LockBit ransomware identified as a prominent adversary.
Notably, ransomware isn’t confined to Windows systems, with cybercriminals expanding their scope to macOS and Linux platforms. The emergence of cross-platform ransomware variants underscores the evolving tactics of cyber adversaries.
The report also underscores the prevalence of cybercrime-as-a-service models, with malware delivery frameworks provided through underground marketplaces. Despite some disruption to prominent malware strains, remote access trojans like AgentTesla persist as formidable threats.
As small businesses navigate an increasingly perilous cybersecurity landscape, the 2024 Sophos Threat Report serves as a stark reminder of the urgent need for robust defense measures to safeguard against evolving cyber threats.
Baburajan Kizhakedath
