In its 2025 Annual Threat Report, cybersecurity firm Sophos warns that small and midsized businesses remain prime targets for evolving cybercrime. When it comes to cybercrime trends the report highlights ransomware as the leading threat, with old and misconfigured network devices opening the door to attacks. It also identifies a surge in email-based credential theft, rising abuse of remote access tools, and the emergence of “quishing” and AI-driven social engineering. These cybercrime trends, drawn from real incident data, show cybercriminals are adapting faster than many businesses can respond.
Ransomware: A Persistent Threat to Small Businesses
What’s old is new again? Sophos reports ransomware remains a dominant threat. For small businesses, it accounts for 70% of incident response cases. When we move to the midsized tier, it jumps to 90%. These figures are for 2024. Despite a slight decline in the number of attacks, the financial impact has escalated, with costs reaching up to $7 million per incident.
Attackers are increasingly exploiting outdated and misconfigured network edge devices, such as VPNs and firewalls, which accounted for nearly 30% of initial compromises. These devices, often neglected in patching schedules, serve as easy entry points for cybercriminals.
Evolving Tactics: From MFA Phishing to Quishing
Cybercriminals adapt! All defenses are perishable. In this case, they are adapting their methods to bypass traditional security measures. One notable tactic is adversary-in-the-middle attacks, where attackers intercept multi-factor authentication (MFA) tokens to gain unauthorized access. This practice is part of the changing cybercrime trends.
There’s more! Attackers are using social engineering techniques with names like “quishing.” This tactic involves embedding malicious QR codes in emails to trick users into revealing credentials. Another “ing” to be on the watch for is “vishing.” This uses AI to generate “voice calls” that impersonate a person from technical support. This interaction, when legitimate, often requires trust and granting access, which makes mimicking them a viable point of attack. Keeping track of these cybercrime trends is crucial.
The Role of Remote Access Tools in Cyber Attacks
Attackers are repurposing legitimate remote access tools to infiltrate systems. Tools like AnyDesk and ScreenConnect were involved in 34% of incident response cases, highlighting the need for vigilant monitoring of such software. This is another example of emerging cybercrime trends.
AI and Malware: A Growing Concern
In the criminal world, as with the legitimate business world, the use of Artificial intelligence (AI) by cybercriminals is still emerging. One trend of AI being used to craft more convincing phishing emails and social engineering attacks represents a new cybercrime trend. This development underscores the need for advanced detection mechanisms and employee training to recognize sophisticated threats.
Conclusion: Beware the “Digital Detritus”
The cyber threat landscape demands a proactive approach. This is particularly true when it comes to cybersecurity for small and mid-sized businesses. These key recommendations are often repeated in reports like the one from Sophos, but that fact speaks for itself:
- Regularly update and patch network edge devices to close known vulnerabilities.
- Implementing robust MFA solutions and educating employees on recognizing phishing attempts.
- Monitoring the use of remote access tools to detect unauthorized activities.
- Investing in AI-driven security solutions to counteract sophisticated attacks.
As Sophos CEO Joe Levy aptly stated, the accumulation of outdated technology, or “digital detritus,” poses significant risks, emphasizing the importance of maintaining up-to-date and secure systems. Being aware of current cybercrime trends can help mitigate these risks.
Other News: Ransomware Surge in Q4 2024: Attacks Hit Record Highs as Hackers Shift Tactics(Opens in a new browser tab)
