Small and Medium-sized Businesses, as well as Regional Managed Service Providers, are facing cyber threats from targeted phishing campaigns
Small- to medium-sized businesses (SMBs) worldwide have seen an increase in targeted phishing attacks by advanced persistent threat (APT) groups, according to a report released by Proofpoint on Wednesday.
The report details how APT groups, allegedly linked to Russia, Iran, North Korea, and China, have been focusing their efforts on SMBs for state-sponsored financial theft. SMBs, which often have smaller cybersecurity budgets, are attractive targets for these attacks due to their handling of key areas of interest.
Threat actors are scaling existing tactics seen in enterprise targeting phishing campaigns for less robust SMB environments. This trend towards targeting federated access and upstream providers of end-targeted entities is a logical one, following high-profile supply chain attacks like SolarWinds.
Proofpoint researchers observed a higher level of APT actors targeting vulnerable regional managed service providers to initiate supply chain attacks. This could potentially lead to secondary supply chain attacks impacting hundreds of downstream victims.
The report found that APT actors compromised SMB infrastructure to host or deliver malware via phishing campaigns to targeted U.S. and European government entities and financial institutions. APT groups such as 'Salt Typhoon,' believed to be operated by China's Ministry of State Security, have targeted SMBs with techniques including SMB exploitation and phishing-like tactics.
However, the report does not provide figures to compare attack activity on a year-over-year basis. The affected countries are generally those where state-backed cyber espionage is focused, but specific countries targeted for SMB phishing attacks are not explicitly detailed in the available search results.
The report is based on Proofpoint's telemetry of more than 200,000 SMBs between the first quarters of 2022 and 2023. It underscores the persistent threat faced by organizations that cyber authorities describe as target-rich and resource-poor.
In addition to financial theft, APT groups also targeted SMBs for espionage, intellectual property theft, destructive attacks, and disinformation campaigns. The report highlights the need for SMBs to strengthen their cybersecurity measures to protect against these threats.
Read also:
- Musk announces intention to sue Apple for overlooking X and Grok in the top app listings
- Cybertruck's Disappointing Setback, Musk's New Policy, Mega-Pack Triumphs, Model Y's Anticipated Upgrade Prior to Refresh (Week of January 25 for Tesla)
- Innovative Company ILiAD Technologies Introduces ILiAD+: Boosting Direct Lithium Extraction Technology's Efficiency Substantially
- Nuclear Ambitions at a U.S. Airport Spark Controversy, With Opposition Swelling
