Upsurge in targeted attacks against small businesses

Upsurge in targeted attacks against small businesses

Summary: Symantec reports that 36 percent of all targeted attacks during the last six months were directed at businesses with 250 or fewer employees.


targeted_symc Symantec is reporting a significant uptick in targeted attacks against SMBs (small- and medium-sized businesses) in the first half of 2012 with about 36 percent of all targeted attacks hitting businesses with 250 or fewer employees.

According to the Symantec Intelligence Report (download PDF) the 36 percent number is up from 18 percent at the end of December 2011.

"50% of attacks focused on companies with less than 2500 employees," the report added, noting that it's possible that smaller companies are now being targeted as a stepping stone to a larger organization because they may be in the partner ecosystem and less well-defended. 

"Targeted attacks are a risk for businesses of all sizes – no one is immune to these attacks," the company warned.

While this upsurge against SMBs is significant, Symantec says large enterprises consisting of more than 2,500 employees are still receiving the greatest number of attacks, with an average 69 being blocked each day.

The company said the defense industry has been the "targeted industry of choice" in the first half of 2012, with an average of 7.3 attacks per day.  This fits into the public reports on APTs (advanced persistent threats) that use highly customized tools and intrusion techniques and use stealthy, patient, persistent methods to reduce the risk of detection.

Topics: Security, Enterprise Software, Malware, Windows, SMBs

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


1 comment
Log in or register to join the discussion
  • I loved ZDnet's header for this article

    The banner read "Upsurge in attacks against SMBs", but 4 articles immediately under it discuss VLCs... (very large corporations, as if Apple is a SMB... LOL...)

    I'm not sure why it matters that SMBs are being targeted. Maybe they are stepping stones, or maybe they don't have the CA$H to stay up to date. Indeed, Adobe isn't the only company that's already abandoned security upgrades for CS5.5, compelling people to go up to CS6 (which came out, what, a month ago...)

    Of course, Adobe and others do say "use the subscription service and stay current", but that seems more like a means for Adobe to lose incentive to do anything - apart from anything token... So as other companies do the same thing, hackers are just exploiting the less-fortunate in our country. Since any society depends on how we treat our weaker citizens and corporations are people too...

    And of course the defense industry is an easy target - a quick web search has oodles of reports saying how military entitles have bought counterfeit products... you can bet real money those will be loaded with security holes and other issues... isn't it great that we offshore the manufacturing of our own military devices as well?

    I'm surprised it's Symantec, though - another web search reveals security companies that do a better job... if Symantec is reporting based on log files from their customers, I might consider switching to one of the other security companies... especially for corporate (including SMB) use... like Kaspersky, Trend, and others...