The 2024 Sophos Threat Report highlights the increasing cyber threats faced by small- and medium-sized businesses (SMBs) [7], with a focus on keyloggers, spyware [1] [2] [3], stealers [1] [2] [3] [4], and ransomware [1] [2] [3] [4] [5] [6] [7] [8] [9].


Ransomware [1] [2] [3] [4] [5] [6] [7] [8] [9], such as LockBit, Akira [1] [2] [3] [5] [9], and BlackCat [1] [2] [3] [5] [9], remains a significant threat to SMBs [8], with over three-quarters of cyber incidents affecting small businesses attributed to ransomware [4]. There is a growing trend of ransomware operators targeting macOS and Linux systems [4], as well as an increase in remote encryption attacks and MSP targeting. Initial access brokers (IABs) are using dark web forums to offer services for breaching SMB networks or selling access. Information-stealing malware targeting macOS is on the rise [4], with some being sold in underground forums and Telegram channels at high prices [4]. Christopher Budd from Sophos X-Ops research emphasizes the increasing value of data as currency for cybercriminals [4] [9], particularly in the SMB sector. Business email compromise (BEC) attacks are becoming more sophisticated [1] [2] [7] [8], with attackers using advanced social engineering tactics to avoid detection [2] [3]. The report also addresses the exploitation of vulnerabilities in MSPs by ransomware groups.


The 2024 Sophos Threat Report underscores the urgent need for SMBs to enhance their cybersecurity measures to protect against evolving cyber threats. It is crucial for businesses to stay informed about the latest trends in cybercrime and implement robust security protocols to safeguard their data and networks. As cybercriminals continue to target SMBs with increasingly sophisticated tactics, proactive measures and vigilance are essential to mitigate risks and ensure business continuity in the face of cyber threats.