Businesses increasingly targeted by cyber criminals, report reveals

Small and medium-sized businesses (SMBs) have suffered year-on-year increases in cyber attacks, a report has revealed.

Research by cybersecurity firm Kaspersky has outlined the latest trends in the cyber world, highlighting the most common threats and methods of attack on the sector.

The industry has experienced a surge in infections. Instances have risen by five per cent over the first quarter of 2024, compared to the same period last year.

More than 2,400 users have found malware and software mimicking SMB’s used products, with 4,110 files distributed under the guise of SMB-related software, an eight per cent rise compared to 2023.

The study comes weeks after the UK Government Cyber Security Breaches Survey revealed that 50 per cent of UK businesses had suffered a cyber attack or security breach over the last year.

The Kaspersky research revealed that Trojan attacks continue to be the most common cyber threat, with a seven per cent rise compared to last year.

Downloading onto a computer and mimicking it as a legitimate program, trojan viruses are often difficult to detect.

Meanwhile, Microsoft tools were the top three channels used by cyber criminals to deliver an attack, with Excel continuing to stand at number one for the second consecutive year.

Phishing also continues to be one of the most common methods of attack, with emails and social media among the top platforms used to carry them out.

To gather findings, Kaspersky cross-referenced selected apps used by SMBs against Kaspersky Security Network (KSN) telemetry – a system that processes anonymised cyberthreat-related data shared voluntarily by Kaspersky users.  This process allowed analyses to determine the prevalence of malicious files and unwanted software targeting these programs, as well as the number of users attacked by these files.

Vasily Kolesnikov, a cybersecurity expert at Kaspersky, said: “Our intelligence reveals that human error, often due to poor cybersecurity awareness, remains a significant vulnerability for SMBs.

“In addition, the ubiquitous use of Microsoft Excel in office environments provides fertile ground for cyber criminals who can hide and manipulate malicious data in large datasets that are then widely shared across a business.

“Although SMBs might be under the illusion they are not a target, they belong to a huge ecosystem of interconnected assets, and cyber criminals will exploit any weakness. For this reason, all SMBs must create clear policies for accessing any corporate assets and ensure that staff are regularly reminded of the importance of following basic cybersecurity rules.”