According to research SMB Threat Reportcarried out by the company Huntress“malware-free” cyberattacks are a major threat to small to medium-sized businesses.
Numbers in hand, when small businesses were targeted, only in 44% of the cases recorded it was possible to speak of a real one malware. The rest 56% of recorded cases, in fact, has actually highlighted other methods of attack.
The SMB Threat Report investigation highlighted how the “use of so-called “files” is quite widespread.living off the land binaries” (better known as LOLBin), scripting frameworks (like Power Shell) and the adoption of legitimate remote monitoring and management software (i.e RMM).
The use of LOLbins attacks usually occurs with the aim of exploiting infrastructures for activities such as botnetwith consequent management of DDoS attacks o cryptomining.
The growth of RMM exploitation cases is another concern, as antivirus software rightly ignores software considered legitimate. By exploiting these applications, therefore, cybercriminals can establish themselves on the victim device, carrying out their criminal actions without being detected.
These trends, however, are just some of those that constantly threaten SMEs.
RMM, LOLBins and phishing: the biggest threats to small and medium-sized businesses
According to Huntress’ research, the phishing remains a plague for small and medium-sized businesses.
Il 64% of the attacks analyzed in the third quarter of 2023 involved email, with extensive use of phishing techniques to steal personal information from victims.
Also ransomware they remain a real threat, with some very interesting data. The 60% of ransomware cases recorded in the SME context can be traced back to uncategorized, unknown or considered “defunct” strains. This goes against the trend of larger corporate environments, where cybercriminals rely on more cutting-edge and/or proven tools.
Of course, there is the fact that this type of commercial activity remains one of the favorite victims of cybercriminals. For the researchers who worked on the report, in fact “Whether for monetization purposes via ransomware or BEC, or potentially even state-run espionage activities, SMEs remain at risk from a variety of entities“.
However, they themselves wanted to send a message of hope. With a good combination of software antivirusfilters anti-spam e cautionit is still possible to deal with most potential cyber threats.