Skip to main content

SMB cyber infections rising amid resurgence of attacks leveraging Microsoft Excel, Kaspersky reports

June 25, 2024

Ahead of International SMB Day on 27 June, a new Kaspersky report reveals that the number of infections experienced by the sector has risen by 5% over the first quarter of 2024, compared to the same period last year. The number of users who encountered malware and unwanted software hiding in or mimicking software products was 2,402, with 4,110 unique files distributed under the guise of SMB-related software. This represents an 8% increase year-on-year and suggests an ongoing rise of attacker activity.

Small to medium-sized businesses (SMBs) are increasingly being targeted by cybercriminals, according to the latest Kaspersky's report released today. The most prevalent form of attack continues to be Trojans, which are especially hazardous because, unlike viruses, they cannot self-replicate, and they usually mimic legitimate software. Their adaptability and capacity to evade traditional security measures render them a widespread and potent tool for cybercriminals.

Kaspersky recorded the number of Trojan attacks for the period Jan – April 2024 at 100,465 representing a 7% increase on the same period in 2023, and 83,145 more attacks than the next highest threat measured posed by DangerousObjects, itself recording 17,320 attacks – some 6,994 more than in 2023.

Microsoft Excel has resumed its position as the number one channel of attack, moving from fourth to first place between 2023 and 2024. Microsoft Word secured second place, while Microsoft PowerPoint and Salesforce were the third most targeted applications.

To access information on the threats related to the SMB sector, Kaspersky analysts cross referenced selected applications, such as MS Office, MS Teams, Skype, and other programs used in the SMB space against Kaspersky Security Network (KSN) telemetry. This enables them to determine the prevalence of malicious files and unwanted software related to these programs, as well as the number of users attacked by these files.

Phishing remains a constant threat in the SMB sector and can have catastrophic consequences for business. Employees receive links to seemingly familiar and legitimate websites that imitate popular services, corporate portals, and online banking platforms. Once targets sign in, they inadvertently divulge usernames and passwords to cybercriminals or trigger automated cyberattacks, compromising sensitive information and business security.

“Our intelligence reveals that human error, often due to poor cybersecurity awareness, remains a significant vulnerability for SMBs. In addition, the ubiquitous use of Microsoft Excel in office environments provides fertile ground for cybercriminals who can hide and manipulate malicious data in large datasets that are then widely shared across a business. Although SMBs might be under the illusion they are not a target, they belong to huge ecosystem of interconnected assets and cybercriminals will exploit any weakness. For this reason, it is critical for all SMBs to create clear policies for accessing any corporate assets and ensure that staff are regularly reminded of the importance of following basic cybersecurity rules,” comments Vasily Kolesnikov, a cybersecurity expert at Kaspersky.

Protecting the SMB sector from the increasing interests of cybercriminals is crucial for the global economic, social and environmental challenges that lie ahead, particularly in emerging growth economies. According to UN data, 7 out of every 10 jobs in emerging economies are in the SMB sector, while access to finance is disproportionately challenging, making it harder for businesses in the sector to protect themselves against attack.

Read the full report on Securelist.com

To protect your business from cyberthreats, please consider the following guidelines:

  • To protect the company against a wide range of threats, use solutions from Kaspersky Next product line that provide real-time protection, threat visibility, investigation and response capabilities of EDR and XDR for organizations of any size and industry. Depending on your current needs and available resources, you can choose the most relevant product tier and easily migrate to another one if your cybersecurity requirements are changing.
  • Transform the workforce into an extra layer of protection against human-related cyberattacks with Kaspersky Automated Security Awareness Platform , solution that instill safe internet behavior and includes a simulated phishing attack exercise, so they know how to recognize phishing emails and other socially engineered lures. 
  • Implementing Kaspersky Professional Services optimizes the workload of your heavily challenged IT department. Kaspersky experts assess the state of your current IT security, then deploy and configure Kaspersky software quickly and properly to ensure hassle-free ongoing performance. And Kaspersky Premium Support facilitates quicker technical incident resolution, with less impact on business processes. 
  • Provide your staff with basic cybersecurity hygiene training. Conduct a simulated phishing attack to ensure that they know how to distinguish phishing emails.
  • Set up a policy for access to corporate assets, including email boxes, shared folders, and online documents. Keep it up to date and remove access if an employee no longer needs the details to do their job or when they leave the company. Use cloud access security broker software that can help manage and monitor employee activity within cloud services and enforce security policies.
  •  Make regular backups of essential data to ensure corporate information stays safe in case of emergencies.
  • Implementing Kaspersky Professional Services optimizes the workload of your heavily challenged IT department. Kaspersky experts assess the state of your current IT security, then deploy and configure Kaspersky software quickly and properly to ensure hassle-free ongoing performance. And Kaspersky Premium Support facilitates quicker technical incident resolution, with less impact on business processes

SMB cyber infections rising amid resurgence of attacks leveraging Microsoft Excel, Kaspersky reports

Ahead of International SMB Day on 27 June, a new Kaspersky report reveals that the number of infections experienced by the sector has risen by 5% over the first quarter of 2024, compared to the same period last year. The number of users who encountered malware and unwanted software hiding in or mimicking software products was 2,402, with 4,110 unique files distributed under the guise of SMB-related software. This represents an 8% increase year-on-year and suggests an ongoing rise of attacker activity.
Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases