Cyber criminals are narrowing their focus on SMBs according to the Acronis Cyberthreats Report mid-year update.
Despite the perception they are too small to target, SMBs are increasingly vulnerable due to supply chain attacks and greater use of automation by ransomware groups
The report revealed that during the first half of 2021, four out of five organisations experienced a cybersecurity breach originating from a vulnerability in their third party vendor ecosystem.
“While the increase in attacks affects organisations of all sizes, something that’s under reported in the coverage of current cyberthreat trends is the impact on the small business community,” said Candid Wüest, Acronis VP of Cyber Protection Research.
“Unlike larger corporations, small and medium-sized companies don’t have the money, resources, or staffing expertise needed to counter today’s threats.
"That’s why they turn to IT service providers – but if those service providers are compromised, those SMBs are at the mercy of the attackers.
"By utilising supply-chain attacks against managed service providers (MSPs), attackers gain access to both the MSP business and all of its clients.
"As seen in the SolarWinds breach last year and the Kaseya VSA attack earlier in 2021, one successful attack means they can breach hundreds or thousands of SMBs downstream."