Sophos: 90% of Attacks Involve Data or Credential Theft
MSSP Alert
|
Contributed by: Drex DeFord
Summary
The 2024 Sophos Threat Report highlights a concerning trend of ransomware operators increasingly targeting small and medium-sized businesses (SMBs), with a significant 62% rise in remote encryption attacks observed between 2022 and 2023. These attacks often exploit vulnerabilities in remote monitoring and management (RMM) software, revealing that over 75% of Sophos' customer incident responses involved SMBs. Additionally, the report emphasizes the growing use of stolen data as a currency among cybercriminals, with nearly half of malware detections in SMBs being data-stealing malware. Sophos also notes that over 90% of cyberattacks involve data or credential theft, highlighting the severe challenge SMBs face in protecting sensitive information. Moreover, the proliferation of Malware-as-a-Service (MaaS) poses a continuous threat, despite some interventions by industry and law enforcement.
