Skip to main content
close search
site logo
Dive Brief

SMBs, regional MSPs under fire from targeted phishing attacks

Published May 24, 2023
Matt Kapko's headshot
Senior Reporter
Illustrated man with fishing hook stealing key
stefanovsky via Getty Images

Dive Brief:

  • Small- to medium-sized businesses confronted more targeted phishing attacks from advanced persistent threat actors globally during the past year, Proofpoint researchers said in a report released Wednesday
  • The type of SMBs APT groups attacked are broad, but Proofpoint observed an uptick in attacks against regional managed service providers, which could lead to secondary supply chain attacks impacting hundreds of downstream victims. 
  • “SMBs have historically held smaller cybersecurity budgets than enterprise environments and in certain circumstances, SMBs handle key areas of interest for state-aligned phishing attacks,” Michael Raggi, staff threat research engineer at Proofpoint, said via email.

Dive Insight:

The report, which pulls analysis from Proofpoint's telemetry of more than 200,000 SMBs between the first quarters of 2022 and 2023, underscores a persistent threat confronting organizations that cyber authorities describe as target rich and resource poor. Proofpoint didn’t provide figures to compare attack activity on a year-over-year basis.

APT actors compromised SMB infrastructure to host or deliver malware via phishing campaigns to targeted U.S. and European government entities and financial institutions, the research found.

Proofpoint researchers also observed a higher level of APT actors targeting vulnerable regional managed service providers to initiate supply chain attacks.

“An increasing focus on federated access and the upstream providers of end-targeted entities is a logical trend to become prominent following the high profile supply chain attacks observed in previous years, including SolarWinds,” Raggi said. 

“Rather than seeing a completely novel occurrence in this regard,” Raggi said, “threat actors appear to be scaling existing tactics seen in enterprise targeting phishing campaigns for less robust SMB environments.”

The researchers observed APT groups aligned with Russia, Iran and North Korea targeting SMBs for state-sponsored financial theft, espionage, intellectual property theft, destructive attacks and disinformation campaigns.

Filed Under: Cyberattacks, Threats

Editors' picks

Company Announcements

View all | Post a press release
Torus Unveils Integrated Energy Storage and AI-Driven Cybersecurity Solutions
From Torus
October 24, 2024
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell