Ahead of International SMB Day on 27 June, a new Kaspersky report reveals that the number of infections experienced by the sector has risen by 5% over the first quarter of 2024, compared to the same period last year. The number of users who encountered malware and unwanted software hiding in or mimicking software products was 2,402, with 4,110 unique files distributed under the guise of SMB-related software. This represents an 8% increase year-on-year and suggests an ongoing rise of attacker activity.
Small to medium-sized businesses (SMBs) are increasingly being targeted by cybercriminals, according to the latest Kaspersky report. The most prevalent form of attack continues to be Trojans, which are especially hazardous because, unlike viruses, they cannot self-replicate, and they usually mimic legitimate software. Their adaptability and capacity to evade traditional security measures render them a widespread and potent tool for cybercriminals.
Kaspersky recorded the number of Trojan attacks for the period Jan – April 2024 at 100,465 representing a 7% increase on the same period in 2023, and 83,145 more attacks than the next highest threat measured posed by DangerousObjects – a category of various previously undetected samples of unspecific nature which makes it a significant concern for cybersecurity efforts due to the complexity and evolving nature of cyberthreats. This type of malware recorded 17,320 attacks – some 6,994 more than in 2023.
Microsoft Excel has resumed its position as the number one channel of attack, moving from fourth to first place between 2023 and 2024. Microsoft Word secured second place, while Microsoft PowerPoint and Salesforce were the third most targeted applications.
To access information on the threats related to the SMB sector, Kaspersky analysts cross referenced selected applications, such as MS Office, MS Teams, Skype, and other programs used in the SMB space against Kaspersky Security Network (KSN) telemetry. This enables them to determine the prevalence of malicious files and unwanted software related to these programs, as well as the number of users attacked by these files.
Phishing remains a constant threat in the SMB sector and can have catastrophic consequences for business. Employees receive links to seemingly familiar and legitimate websites that imitate popular services, corporate portals, and online banking platforms. Once targets sign in, they inadvertently divulge usernames and passwords to cybercriminals or trigger automated cyberattacks, compromising sensitive information and business security.
“Our intelligence reveals that human error, often due to poor cybersecurity awareness, remains a significant vulnerability for SMBs. In addition, the ubiquitous use of Microsoft Excel in office environments provides fertile ground for cybercriminals who can hide and manipulate malicious data in large datasets that are then widely shared across a business. Although SMBs might be under the illusion they are not a target, they belong to huge ecosystem of interconnected assets and cybercriminals will exploit any weakness. For this reason, it is critical for all SMBs to create clear policies for accessing any corporate assets and ensure that staff are regularly reminded of the importance of following basic cybersecurity rules,” comments Vasily Kolesnikov, a cybersecurity expert at Kaspersky.
Protecting the SMB sector from the increasing interests of cybercriminals is crucial for the global economic, social and environmental challenges that lie ahead, particularly in emerging growth economies. According to UN data, 7 out of every 10 jobs in emerging economies are in the SMB sector, while access to finance is disproportionately challenging, making it harder for businesses in the sector to protect themselves against attack.
To protect your business from cyberthreats, please consider the following guidelines:
- To protect the company against a wide range of threats, use solutions such as those from Kaspersky Next product line that provide real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organisations of any size and industry.
- Establish the practice of using strong passwords to access corporate services. Use multi-factor authentication for access to remote services.
- Set up a policy for access to corporate assets, including email boxes, shared folders, and online documents. Keep it up to date and remove access if an employee no longer needs the details to do their job or when they leave the company. Use cloud access security broker software that can help manage and monitor employee activity within cloud services and enforce security policies.
- Make regular backups of essential data to ensure corporate information stays safe in case of emergencies.
- Install patches for new vulnerabilities as soon as possible. Once it is downloaded, threat actors can no longer abuse the vulnerability.
- Transform the workforce into an extra layer of protection against human-related cyberattacks with Kaspersky Automated Security Awareness Platform, a solution that instils safe Internet behaviour and includes a simulated phishing attack exercise, so they know how to recognise phishing emails and other socially engineered lures.
- Implementing Kaspersky Professional Services optimises the workload of your heavily challenged IT department. Kaspersky experts assess the state of your current IT security, then deploy and configure Kaspersky software quickly and properly to ensure hassle-free ongoing performance. And Kaspersky Premium Support facilitates quicker technical incident resolution, with less impact on business processes.
Read the full report on Securelist.com.