Kaspersky Cyber-Resilience Report

In today’s digital landscape, small to medium-sized businesses (SMBs) are more likely to be targeted by cybercriminals due to their lack of resources and protections in place. According to the Hiscox Cyber Readiness Report in 2022 only 14% of SMBs rate their ability to mitigate cyber risks and attacks as “highly effective” and 60% of SMBs that are victims of a cyber attack go out of business within six months.

Kaspersky Cyber Report in 2022 and 2023

According to the Kaspersky cyber-resilience report for 2022, four out of ten employers admitted that a cybersecurity incident would constitute a major crisis for their businesses, surpassed only by significant drops in sales or natural disasters. Cybersecurity rises were identified as the second most challenging type of crisis to handle.

To gain insight into the specific threats facing SMBs in 2022 and 2023, Kaspersky’s experts utilized data from the Kaspersky Security Network, a system for processing anonymized cyberthreat-related data voluntarily shared by Kaspersky users.

Kaspersky Report Results

Between January 1 and May 18 of 2023, a staggering 2,392 SMB employees encountered malware or unwanted software disguised as legitimate business applications, resulting in 2,478 unique files and a total of 764,015 detections.

1. Exploits: Exploits were the most prevalent threat, accounting for a staggering 483,980 detections. Exploits are malicious programs designed to capitalize on vulnerabilities in software, often infiltrating systems without any user action.
2. Trojans: Trojans ranked second in terms of threats. Named after the infamous Trojan Horse, these threats masquerade as legitimate software but engage in malicious activities once inside a system.
3. Backdoors: Backdoors are the third most common threat and are exceptionally dangerous as they grant cybercriminals remote control over the victim’s device, enabling various malicious actions.
4. Not-a-virus: Potentially unwanted applications were labeled as “not-a-virus” by security solutions. While not inherently malicious, they can still cause annoyance and pose risk to users.

Recent Advances in Hacking Techniques

In a concerning development, cybercriminals have adopted a “conversation hijacking” technique. By accessing victims’ emails and replying to ongoing conversations, they trick users into downloading malicious attachments or clicking on harmful links, often leading to the installation of dangerous malware. Protect your SMB by reaching out to PivIT Strategy for further assistance.

This is great example of how cybercriminals continue to evolve their attacks.  Have you had a recent security assessment to know if you have any unpatched systems or unchecked vulnerabilities?  Are you providing Security Awareness Training to your employees and more importantly, are they learning of the risks?  Do you have the best-in-class layered cyber protections for your company?  

Protect your company by reaching out to PivIT Strategy to learn more.