Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

Malware Incidents at US SMBs Spiked 165% in Q1

Texas-based SMBs suffered the most malware attack attempts in the first quarter while those in Arizona had the biggest year-over-year increase, according to new Malwarebytes report.

Malware attacks on small-to midsized (SMB) businesses in the US jumped 165% in the first quarter over the same period last year, according to a new report published today.

The Malwarebytes study, which evaluated businesses with fewer than 1,000 seats of the vendor's security software installed, found each state posted at least a 90% year-over-year first quarter increase in malware incidents, with 10 states exceeding the 400% mark. The data comes from malware detected by the firm's software.

Arizona SMBs suffered the most malware attack attempts during the first quarter, with a whopping 1,332.8% increase over the previous year, the report states. SMBs in Hawaii, Alaska, and Maine also faced a dramatic rise in first quarter malware incidents, with each posting over a 1,000% jump.

Source: Malwarebytes

Source: Malwarebytes

Justin Dolly, chief security officer and CIO with Malwarebytes, says these states got hit hardest likely due to a double-whammy effect: the industries located in these states are frequently targeted by cybercriminals, a problem that is compounded by the problem of SMBs typically not having a designated security staff to deal with the malware attacks.

Industries that face a high rate of malware include aerospace, automotive, chemicals, education, healthcare, hospitality, manufacturing, mining, oil and gas, retail, technology, and tourism, according to the report.

"Healthcare and education generally have lots and lots of endpoints and manufacturing has lots of nodes, so patching endpoints and nodes can be a problem," Dolly says. He added that these industries tend to be reluctant to patch quickly and often.

But in Arizona's case, its top industries include aerospace, technology, and renewable energy, while Alaska relies on oil, gas, and mining, and Hawaii is known for its tourism.

SMBs operating in Texas, which heavily relies on the oil and gas industry, technology, aerospace, and healthcare, suffered the largest onslaught in the nation of first quarter malware attacks, according to the report. Texas accounted for 50% of all botnet incidents that affected SMBs, 55% of all spyware incidents, and 61% of all ransomware incidents.

"It doesn't surprise me that Texas had the most attacks," says Adam Kujawa, director of Malwarebytes Labs. "Texas is the biggest state and there are a lot more businesses there, so it makes perfect sense."

Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada, July 22-27, 2017. Click for information on the conference schedule and to register.

 

In drilling down on the type of malware attacks, Nevada by far posted the greatest first quarter increase in botnet incidents, with SMBs there seeing the gambling state hit with a massive 5,600% spike in that type of attack over the previous year. Kujawa pointed to Nevada's tourism industry and its need to deliver reliable connectivity to its customers. That makes the state an attractive botnet target that leaves SMBs scrambling to keep their proverbial lights on.

<i>Source: Malwarebytes</i>

Source: Malwarebytes

Ransomware attacks on New Mexico's SMBs posted a jump of 3,560% in the first quarter, which Dolly attributes to the region facing similar industry issues as Texas. Maryland SMBs, meanwhile, were busy in the first quarter fending off spyware attacks.

With the National Security Agency headquartered in Maryland, spyware thieves may be angling to infiltrate SMBs that are vendors to NSA, as well as tap into hotels where government workers may frequent, says Kujawa.

Members of the National Small Business Association overall worry about cyberattacks and malware, especially when it comes to the effect on their customers, a spokesperson for the association says.

"Our members are very concerned with malware – both in the fact that some kinds that may not be necessarily 'stealing money,' can pose significant problems especially if it's somehow infected your website. That can lead to spreading the malware to your customers and even getting blacklisted on Internet search platforms – which is a huge problem if you do any kind of online commerce," she says.

Related Content:

 

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Cloud Security Threats for 2021
Or Azarzar, CTO & Co-Founder of Lightspin,  12/3/2020
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Assessing Cybersecurity Risk in Todays Enterprises
Assessing Cybersecurity Risk in Todays Enterprises
COVID-19 has created a new IT paradigm in the enterprise and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27772
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in coders/bmp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned int`. This would most likely lead to an impact to application availability, but could po...
CVE-2020-27773
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned char` or division by zero. This would most likely lead to an impact to appli...
CVE-2020-28950
PUBLISHED: 2020-12-04
The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.
CVE-2020-27774
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift for 64-bit type `ssize_t`. This would most likely lead to an impact to application availability, but co...
CVE-2020-27775
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type unsigned char. This would most likely lead to an impact to application availability, but c...