FBI Supervisory Special Agent Michael Sohn has warned that small and medium-sized businesses have been increasingly targeted by cyberattacks as corporations bolster cybersecurity investments, CNBC reports.
"So what the cybercriminals are doing is theyre pivoting, theyre evolving and targeting the soft targets, which are the small and medium businesses," said Sohn at CNBC's Small Business Playbook virtual event.
Small businesses comprised most of the 847,376 public cyberattack and malicious cyber activity complaints received by the FBI's Internet Crime Complaint Center, Sohn said, adding that implementing very basic cyber hygiene, including two-factor or multi-factor authentication techniques, could have avoided such attacks.
However, recent CNBC and SurveyMonkey data showed that the rate of small business owners who reported not being worried about being impacted by a cyberattack in the next 12 months rose from 58% in 2021 to 61% in 2022. Moreover, 64% of small business owners expressed confidence in quickly resolving cyberattacks.
Ukrainian hacktivist operation IT Army has taken responsibility for a significant distributed denial-of-service attack against Russian local airline booking system Leonardo, which is used by over 50 Russian carriers, according to The Record, a news site by cybersecurity firm Recorded Future.
New attacks with the updated SysUpdate toolkit have been deployed by Chinese advanced persistent threat operation Budworm, also known as APT27, Emissary Panda, Bronze Union, Lucky Mouse, Iron Tiger, and Red Phoenix, against an Asian government and a Middle East-based telecommunications provider, reports The Hacker News.
Forty-five malicious NPM and PyPI packages have been deployed by threat actors to facilitate extensive data theft operations as part of a campaign that commenced on Sept. 12, according to BleepingComputer.