Over three-quarters of cyber incidents impacted small businesses in 2023, with ransomware having the biggest impact on these firms, according to a new Sophos report.
The notorious LockBit group made up the highest number of small business ransomware incidents handled by Sophos Incident Response last year, at 27.59%.
LockBit infections were considerably higher than the next highest groups: Akira (15.52%), BlackCat (13.79%) and Play (10.34%).
Read more: LockBit Takedown: What You Need to Know about Operation Cronos
The report also highlighted evolving tactics used by ransomware operators as 2023 progressed. This included an increase in the use of remote encryption, whereby attackers leverage an unmanaged device on organizations’ networks to attempt to encrypt files on other systems through network file access.
Additionally, ransomware operators are building malware to target macOS and Linux operating systems. Sophos researchers have observed leaked versions of LockBit ransomware targeting macOS on Apple’s own processor and Linux on multiple hardware platforms.
Data Theft the Main Focus for SMB Attacks
The research found that over 90% of cyber-attacks reported by Sophos customers involved data or credential theft in some form, ranging from ransomware to data breaches.
Nearly half (43.26%) of all malware targeting small and medium businesses (SMBs) last year focused on data theft. These were made up of password stealers, keyboard loggers and other spyware.
No tags.
