According to the latest report from Kaspersky, an increasing number of SMBs are becoming targets of cybercriminals. The most common form of attack continues to be Trojans, which, although not capable of self-replication like viruses, can mimic legitimate software. Furthermore, their adaptability and ability to evade cybersecurity tools make them a popular tool for cybercriminals.
Kaspersky revealed that the number of infections in small and medium-sized enterprises (SMBs) increased by 5% in the first quarter of 2024, compared to the same period last year. In addition, the number of users encountering malware, hidden on devices and mimicking legitimate software, reached 2,402 incidents with 4,110 files distributed as SMB-related software. These figures indicate an increase in attack activity, with an 8% increase compared to the same period last year.
Between January and April 2024, Kaspersky recorded a total of 100,465 Trojan attacks, representing a 7% increase compared to the same period in 2023. Accordingly, Microsoft Excel continued to be the most attacked software in 2024, followed by Microsoft Word, and the third most targeted software by criminals were Microsoft PowerPoint and Salesforce.
To obtain research results on threats in SMBs, Kaspersky analysts cross-referenced applications such as MS Office, MS Teams, Skype, and many other programs used in SMB workspaces based on Kaspersky Security Network (KSN) telemetry. This method helps Kaspersky determine the prevalence of malware and unwanted software associated with these programs, as well as the number of users affected by these files.
Furthermore, phishing continues to be a threat to SMBs, causing serious consequences for businesses. Employees are constantly receiving familiar-looking links and websites that mimic popular services, business portals, and online banking platforms. Once they log into these services, they inadvertently reveal their usernames and passwords to cybercriminals or trigger pre-planned cyberattacks on the system, such as compromising sensitive information and business security.
To protect businesses from cyber threats, Kaspersky recommends the following guidelines: Businesses can leverage their workforce as a line of defense against human-related cyberattacks by using the Kaspersky Automated Security Awareness Platform, a platform that simulates a phishing attack and guides users on safe internet behavior, instructing them on how to detect phishing emails and scams; Provide basic cybersecurity hygiene training for employees. Conduct a simulated phishing attack to ensure they know how to distinguish phishing emails; Establish access policies to company assets, including email, shared folders, and online documents. Continuously update and remove access when employees no longer need to use them or when they leave the company. Use cloud-based security access broker software to help manage and monitor employee activity in cloud services and enforce security policies…
BINH LAM
Source: https://www.sggp.org.vn/su-troi-day-cua-cac-cuoc-tan-cong-vao-microsoft-excel-khien-lay-nhiem-ma-doc-trong-cac-doanh-nghiep-smbs-gia-tang-post746547.html
Comment (0)