More attacks on SMEs | Pentest7

top cybersecurity companies

In 2022 there are increasing dangers for small and medium-sized businesses, compounded by growing shared economy structures among cybercriminals.

Smaller companies are increasingly being targeted by hackers. BlackBerry publishes the current BlackBerry Threat Report 2022. The main finding is that cybercriminal underground structures have been specially optimized to attack local small businesses even more effectively. The report also uncovers traces of some notorious ransomware attacks over the past year, suggesting that the perpetrators may simply have been outsourced workers.

“Criminals are figuring out better ways to target us. The cyber underground infrastructure has evolved to allow attackers to deliver timely and increasingly accurate personalized deceptions to the public,” said Eric Milam, vice president of research and intelligence at BlackBerry. “This infrastructure has also created a criminal shared economy, where groups of threat actors share and outsource malware to carry out attacks at scale. In fact, some of the biggest cyber incidents of 2021 appear to have been the result of this outsourcing.”

Key findings from the 2022 BlackBerry Threat Report:

  • Small businesses are increasingly the focus of attacks: You face up to 11 cyber threats per device every day. It can be expected that this development will accelerate as cybercriminals increasingly adopt a collaborative mindset.
  • Public cloud platforms unintentionally host malware: An increasing amount of user data is hosted on public cloud platforms. Most of these resources are very flexible and can be inexpensively customized. This trend is particularly noticeable in North America, where local hosting of malicious data assets like Cobalt Strike is on the rise.
  • The Biggest Attacks of 2021 May Have Been Outsourced: In several incidents, BlackBerry identified threat actors leaving behind text files containing IP addresses and other traces. They suggest that the originators of current ransomware are not those who actually carry out the attacks – a testament to the growing shared economy structures within the cyber underground.
  • What’s old is new – with a crucial twist: The general increase in the use of digital channels has led to old approaches such as phishing and watering hole attacks coming back to the fore, mainly because of their scalability. This suggests that these tactics could continue to matter as digital innovations such as the Metaverse and augmented reality solutions proliferate.

Based on the Zero Trust strategy recently introduced by the administration of US President Joe Biden, a Zero Trust mentality that is as widespread as possible and a smooth security approach for end users in all sectors is essential. Against the backdrop of the damage caused by the SolarWinds scandal, the new direction taken shows that the government is acting with foresight. She keeps an eye on how existing tactics can be used by attackers in 2022 alongside potential new risks in quantum computing, the metaverse, connected vehicles and the like. At the same time, it removes barriers to Zero Trust adoption.

Leave a Reply

Your email address will not be published.