Keyloggers, spyware, and stealers dominate SMB malware detections

2024-03-13 04:00

In 2023, 50% of malware detections for SMBs were keyloggers, spyware and stealers, malware that attackers use to steal data and credentials, according to Sophos.

"The value of 'data,' as currency has increased exponentially among cybercriminals, and this is particularly true for SMBs, which tend to use one service or software application, per function, for their entire operation. For example, let's say attackers deploy an infostealer on their target's network to steal credentials and then get hold of the password for the company's accounting software. Attackers could then gain access to the targeted company's financials and have the ability to funnel funds into their own accounts," said Christopher Budd, director of Sophos X-Ops research at Sophos.

"There's a reason that more than 90% of all cyberattacks reported to Sophos in 2023 involved data or credential theft, whether through ransomware attacks, data extortion, unauthorized remote access, or simply data theft," added Budd.

While the number of ransomware attacks against SMBs has stabilized, it continues to be the biggest cyberthreat to SMBs. Out of the SMB cases handled by Sophos Incident Response, which helps organizations under active attack, LockBit was the top ransomware gang wreaking havoc.

SMBs studied in the report also faced attacks by lingering older and lesser-known ransomware, such as BitLocker and Crytox.

Following ransomware, business email compromise attacks were the second highest type of attacks that Sophos IR handled in 2023, according to the report.

News URL

https://www.helpnetsecurity.com/2024/03/13/smbs-ransomware-cyberthreat/

#keylogger #malware #SMB #spyware