Sophos’ latest research reveals a troubling rise in cyber incidents affecting small businesses in 2024, with virtual private networks (VPNs) and ransomware playing a significant role in these attacks.
The cybersecurity firm found that over 25% of all cyber incidents tracked were linked to VPNs. Additionally, these incidents accounted for 25% of ransomware and data exfiltration events. This highlights the growing importance of securing VPNs, which are critical tools for remote work and secure communications.
New research from Sophos also revealed that network edge devices, such as firewalls and VPN appliances, are now responsible for over a quarter of all initial business compromises. These devices, which act as the first line of defense, are increasingly targeted by cybercriminals to breach businesses’ networks.
In 2024, ransomware attacks were found to make up 70% of all tracked cyber incidents, with midsized businesses being particularly vulnerable—90% of cases in these organizations involved ransomware. Small businesses also faced a similar trend, with ransomware and data theft making up almost 30% of all incidents involving managed detection and response.
Although ransomware incidents showed a slight decline in 2024, the financial impact of these attacks increased. This shift indicates that while the frequency of attacks may have decreased, the severity and costs associated with these breaches have risen.
Sophos also pointed out the rise of new data-focused threats. As cybercriminals evolve their tactics, more sophisticated techniques, such as advanced social engineering, malware, and credential phishing, are emerging.
The study highlighted that business email compromise (BEC) is becoming a significant vector for initial compromises in cyber incidents. BEC attacks often involve social engineering, where attackers use deceptive methods to steal credentials, deliver malware, or manipulate business operations. One growing tactic in this category is adversary-in-the-middle multifactor authentication (MFA) token capture, which has become a common phishing method for stealing login information.
Mobile threats have also increased, with fraudulent apps and social engineering campaigns driving malware delivery. These attacks are affecting both small and midsized businesses, compounding the risks faced by organizations already vulnerable to ransomware.
The Sophos research underscores the increasing sophistication of cyber threats targeting businesses, highlighting the urgent need for robust security measures, especially around VPNs and network edge devices.
