Skip to main content
close search
site logo
Dive Brief

SMBs, regional MSPs under fire from targeted phishing attacks

Published May 24, 2023
Matt Kapko's headshot
Senior Reporter
Illustrated man with fishing hook stealing key
stefanovsky via Getty Images

Dive Brief:

  • Small- to medium-sized businesses confronted more targeted phishing attacks from advanced persistent threat actors globally during the past year, Proofpoint researchers said in a report released Wednesday
  • The type of SMBs APT groups attacked are broad, but Proofpoint observed an uptick in attacks against regional managed service providers, which could lead to secondary supply chain attacks impacting hundreds of downstream victims. 
  • “SMBs have historically held smaller cybersecurity budgets than enterprise environments and in certain circumstances, SMBs handle key areas of interest for state-aligned phishing attacks,” Michael Raggi, staff threat research engineer at Proofpoint, said via email.

Dive Insight:

The report, which pulls analysis from Proofpoint's telemetry of more than 200,000 SMBs between the first quarters of 2022 and 2023, underscores a persistent threat confronting organizations that cyber authorities describe as target rich and resource poor. Proofpoint didn’t provide figures to compare attack activity on a year-over-year basis.

APT actors compromised SMB infrastructure to host or deliver malware via phishing campaigns to targeted U.S. and European government entities and financial institutions, the research found.

Proofpoint researchers also observed a higher level of APT actors targeting vulnerable regional managed service providers to initiate supply chain attacks.

“An increasing focus on federated access and the upstream providers of end-targeted entities is a logical trend to become prominent following the high profile supply chain attacks observed in previous years, including SolarWinds,” Raggi said. 

“Rather than seeing a completely novel occurrence in this regard,” Raggi said, “threat actors appear to be scaling existing tactics seen in enterprise targeting phishing campaigns for less robust SMB environments.”

The researchers observed APT groups aligned with Russia, Iran and North Korea targeting SMBs for state-sponsored financial theft, espionage, intellectual property theft, destructive attacks and disinformation campaigns.

Filed Under: Cyberattacks, Threats

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell