According to the latest report from Kaspersky, more and more SMBs are becoming targets for cybercriminals. The most common type of attack continues to be Trojans, which, although they do not have the ability to self-replicate like viruses, can mimic legitimate software. In addition, their ability to adapt and evade cybersecurity tools makes them a popular tool for cybercriminals.
Kaspersky revealed that the number of infections among small and medium-sized businesses (SMBs) increased by 5% in the first quarter of 2024, compared to the same period last year. In addition, the number of users encountering malware, hidden on devices and emulating legitimate software reached 2,402, with 4,110 files distributed as SMB-related software. These figures show that the attack activity is on the rise with an increase of 8% compared to the same period last year.
In the period from January to April 2024, Kaspersky recorded a total of 100,465 Trojan attacks, which is a 7% increase compared to the same period in 2023. Accordingly, Microsoft Excel continued to be the most attacked software in 2024. It was followed by Microsoft Word, and the third most targeted software by criminals were Microsoft PowerPoint and Salesforce.
To find out the results of the research on threats in SMBs, Kaspersky analysts cross-referenced applications such as MS Office, MS Teams, Skype and many other programs used in SMBs’ workspaces based on Kaspersky Security Network (KSN) telemetry. This form of analysis helps Kaspersky determine the prevalence of malware and unwanted software related to these programs, as well as the number of users attacked by these files.
In addition, phishing continues to be a threat to SMBs, causing serious consequences for businesses. Employees are constantly being sent familiar-looking links and websites that mimic popular services, enterprise portals, and online banking platforms. Once they log in to these services, they will inadvertently reveal their usernames and passwords to cybercriminals or trigger pre-set cyberattacks on the system, such as compromising sensitive information and business security.
To protect businesses from cyber threats, Kaspersky recommends the following guidelines: Businesses can leverage their workforce as a line of defense against human-related cyberattacks by using the Kaspersky Automated Security Awareness Platform, which simulates a phishing attack and educates users on safe Internet behavior, guiding them to spot phishing emails and scams; Provide basic cybersecurity hygiene training to employees. Conduct a simulated phishing attack to ensure they know how to distinguish phishing emails; Set up access policies for corporate assets, including email, shared folders and online documents. Continuously update and remove access when employees no longer need it or when they leave the company. Using cloud access security broker software can help manage and monitor employee activity in cloud services and enforce security policies…
BINH LAM
Source: https://www.sggp.org.vn/su-troi-day-cua-cac-cuoc-tan-cong-vao-microsoft-excel-khien-lay-nhiem-ma-doc-trong-cac-doanh-nghiep-smbs-gia-tang-post746547.html
Comment (0)