IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

State-sponsored hackers are diversifying tactics, targeting small businesses

Research has warned that state-sponsored threat actors will increasingly target smaller enterprises in 2023

State-sponsored threat actors are increasingly shifting their focus towards SMBs and smaller enterprises, according to new research.  

While large enterprises, public services, and critical national infrastructure have traditionally been key targets for state-sponsored threat actors, SonicWall’s 2023 Cyber Threat Report predicted that groups will ‘diversify’ their tactics in 2023 to target SMBs and a “broader set of victims”.  

SonicWall CEO Bob VanKirk said the increased targeting of SMBs and small enterprises represents an alarming shift among threat actors.  

“The past year reinforced the need for cyber security in every industry and every facet of business, as threat actors targeted anything and everything, from education to retail to finance,” he said.  

“While organisations face an increasing number of real-world obstacles with macroeconomic pressures and continued geopolitical strife, threat actors are shifting attack strategies at an alarming rate.” 

Cyber threats against small businesses have been rising steadily in recent years amidst an increasingly perilous global threat landscape.  

Brian Martin, Head of Product and Innovation at Integrity360 said SMBs are an attractive target for threat actors because they “typically have less security focus and budget available, hence a less mature cyber security programme in place”.  

“This means they are easier to breach, due to lack of security awareness and training, unpatched or out-of-date systems and infrastructure, and weak or missing protective controls in place to protect their data and their infrastructure,” he added.  

Research from Close Brothers last year found that nearly half of UK-based SMBs suffered a cyber attack, with more than half (54%) suffering a financial loss.  

A recent study from Vodafone highlighted this growing risk for small businesses, noting that more than half (54%) experienced “some form” of cyber attack across 2022, marking a significant increase from 2020.  

Almost one in five of SMBs polled by the company said that a cyber attack would cost their business up to £4,200 on average, highlighting the potentially devastating impact on smaller firms during a period fraught with economic uncertainty. 

Yet despite the financial and reputational damage faced by small businesses subject to cyber attacks, Vodafone’s research found that nearly one-fifth (18%) of businesses polled said their business was not protected by cyber security software.  

In addition, 5% said they did not know if they had protection at all while only 28% were aware of the UK government’s Cyber Essentials scheme, which provides vital security advice and tips for businesses.

Evolving cyber crime landscape

The shift towards targeting SMBs coincides with a 21% decline in the overall volume of ransomware attacks, a frequent go-to method for threat actors in recent years, the report also revealed.

SonicWall's findings echo those of other cyber security vendors, which have mostly agreed in their respective threat reports that ransomware detections dropped during the last year.

Related Resource

In unpredictable times, a data strategy is key

Data processes are crucial to guide decisions and drive business growth

Black whitepaper cover with process guide graphic connecting an idea, mind map, tablet, cloud and server images with arrowsFree Download

Global malware attacks increased by 2% last year using more than 400,000 unique variants, marking the first increase in this attack method since 2018.

IoT malware and cryptojacking methods also jumped by 87% and 43% respectively as threat actors have “embraced slower and more stealthy approaches to achieve financially motivated cyber attacks”. 

“In addition to cyber attacks becoming more sophisticated and covert, threat actors are showing clear preferences for certain techniques, with notable shifts towards weak IoT devices, cryptojacking, and potentially soft targets like schools and hospitals,” the report added. 

Research into the exploitation of Log4Shell, the vulnerability in the widely used Apache log4j Java logger discovered in December 2021, showed that more than 1 billion attempts were made to exploit the vulnerability across the world in 2022.

When first discovered, the vulnerability was thought to be one of the most dangerous in years. In the months following, fears were largely allayed as the rate of successful exploitation was much lower than previously feared, in part due to effective patches released quickly.

Featured Resources

IT best practices for accelerating the journey to carbon neutrality

Considerations and pragmatic solutions for IT executives driving sustainable IT

Free Download

The Total Economic Impact™ of IBM Spectrum Virtualize

Cost savings and business benefits enabled by storage built with IBMSpectrum Virtualize

Free download

Using application migration and modernisation to supercharge business agility and resiliency

Modernisation can propel your digital transformation to the next generation

Free Download

The strategic CFO

Why finance transformation propels business value

Free Download

Most Popular

HMRC lost nearly 50% more devices in 2022

HMRC lost nearly 50% more devices in 2022

17 Mar 2023
The big PSTN switch off: What’s happening between now and 2025?

The big PSTN switch off: What’s happening between now and 2025?

13 Mar 2023
Outlook zero day patch causes headaches for Windows admins

Outlook zero day patch causes headaches for Windows admins

15 Mar 2023