Cyberattack Surge: SMBs Grapple with 8% Rise in Malware

CVE-2024-21888 & CVE-2024-21893

Kaspersky’s most recent report reveals a concerning 5% surge in malware infections among small and medium-sized enterprises (SMBs) during the first quarter of 2024, compared to the corresponding period in the preceding year.

A significant 2,402 users encountered malicious software, often masquerading as legitimate applications, with 4,110 files disseminated under the guise of SMB-related software. These figures underscore an escalating trend of cyberattacks, marking an 8% year-over-year increase.

The report further elucidates the growing targeting of SMBs by cybercriminals. The predominant attack vector remains Trojan malware, which, while lacking the self-replicating capabilities of viruses, can effectively mimic legitimate software. Their adaptability and capacity to evade cybersecurity measures render them a favored tool among malicious actors.

Percentage of unique users targeted through the top 9 investigated applications, January 1 – April 30, 2024

Between January and April 2024, Kaspersky documented a total of 100,465 Trojan attacks, signifying a 7% surge compared to the corresponding period in 2023.

SMB cyberattack

Percentage of unique files with names that mimic the top 9 legitimate applications, 2023 and 2024

Microsoft Excel remains the most frequently targeted software in 2024, followed by Microsoft Word and, to a lesser extent, Microsoft PowerPoint and Salesforce.

To compile this comprehensive research on SMB threats, Kaspersky analysts cross-referenced applications commonly utilized in SMB workspaces, such as MS Office, MS Teams, and Skype, with data gleaned from the Kaspersky Security Network (KSN). This rigorous methodology enabled Kaspersky to ascertain the prevalence of malicious and unwanted software associated with these programs, as well as quantify the number of users impacted by such files.

Furthermore, phishing attacks persist as a substantial threat to SMBs, often culminating in severe repercussions. Employees routinely receive seemingly familiar links and encounter websites that convincingly mimic popular services, corporate portals, and online banking platforms. Upon logging into these fraudulent services, they inadvertently divulge their credentials to cybercriminals or trigger pre-installed cyberattacks on their systems, compromising sensitive information and jeopardizing corporate security.

“Our intelligence reveals that human error, often due to poor cybersecurity awareness, remains a significant vulnerability for SMBs. In addition, the ubiquitous use of Microsoft Excel in office environments provides fertile ground for cybercriminals who can hide and manipulate malicious data in large datasets that are then widely shared across a business. Although SMBs might be under the illusion they are not a target, they belong to huge ecosystem of interconnected assets and cybercriminals will exploit any weakness. For this reason, it is critical for all SMBs to create clear policies for accessing any corporate assets and ensure that staff are regularly reminded of the importance of following basic cybersecurity rules,” comments Vasily Kolesnikov, a cybersecurity expert at Kaspersky.

Related Posts: