Security News > 2023 > November > SMBs face surge in “malware free” attacks

SMBs face surge in “malware free” attacks
2023-11-28 09:48

"Malware free" attacks, attackers' increased reliance on legitimate tools and scripting frameworks, and BEC scams were the most prominent threats small and medium businesses faced in Q3 2023, says the inaugural SMB Threat Report by Huntress, a company that provides a security platform and services to SMBs and managed service providers.

Attackers deployed malware in 44% of cases, but the remaining 56% of incidents included use of "Living off the land" binaries, scripting frameworks and remote monitoring and management software.

"In 65% of incidents, threat actors used RMM software as a method for persistence or remote access mechanisms following initial access to victim environments," they said.

Notably, 64% of identity-focused attacks SMBs faced in Q3 2023 involved malicious forwarding or other inbox rules, while 24% were associated with logons from unusual or suspicious locations.

60% of ransomware incidents affecting SMBs were attributed to uncategorized, unknown, or "Defunct" ransomware strains.

"Whether for monetization purposes through ransomware or BEC, or potentially even state-directed espionage activity, SMBs remain at risk from a variety of entities," the researchers added.


News URL

https://www.helpnetsecurity.com/2023/11/28/smbs-attacks-q3-2023/