Malware Incidents at US SMBs Spiked 165% in Q1Texas-based SMBs suffered the most malware attack attempts in the first quarter while those in Arizona had the biggest year-over-year increase, according to new Malwarebytes report.
Malware attacks on small-to midsized (SMB) businesses in the US jumped 165% in the first quarter over the same period last year, according to a new report published today.
The Malwarebytes study, which evaluated businesses with fewer than 1,000 seats of the vendor's security software installed, found each state posted at least a 90% year-over-year first quarter increase in malware incidents, with 10 states exceeding the 400% mark. The data comes from malware detected by the firm's software.
Arizona SMBs suffered the most malware attack attempts during the first quarter, with a whopping 1,332.8% increase over the previous year, the report states. SMBs in Hawaii, Alaska, and Maine also faced a dramatic rise in first quarter malware incidents, with each posting over a 1,000% jump.
Justin Dolly, chief security officer and CIO with Malwarebytes, says these states got hit hardest likely due to a double-whammy effect: the industries located in these states are frequently targeted by cybercriminals, a problem that is compounded by the problem of SMBs typically not having a designated security staff to deal with the malware attacks.
Industries that face a high rate of malware include aerospace, automotive, chemicals, education, healthcare, hospitality, manufacturing, mining, oil and gas, retail, technology, and tourism, according to the report.
"Healthcare and education generally have lots and lots of endpoints and manufacturing has lots of nodes, so patching endpoints and nodes can be a problem," Dolly says. He added that these industries tend to be reluctant to patch quickly and often.
But in Arizona's case, its top industries include aerospace, technology, and renewable energy, while Alaska relies on oil, gas, and mining, and Hawaii is known for its tourism.
SMBs operating in Texas, which heavily relies on the oil and gas industry, technology, aerospace, and healthcare, suffered the largest onslaught in the nation of first quarter malware attacks, according to the report. Texas accounted for 50% of all botnet incidents that affected SMBs, 55% of all spyware incidents, and 61% of all ransomware incidents.
"It doesn't surprise me that Texas had the most attacks," says Adam Kujawa, director of Malwarebytes Labs. "Texas is the biggest state and there are a lot more businesses there, so it makes perfect sense."
Black Hat USA returns to the fabulous Mandalay Bay in Las Vegas, Nevada, July 22-27, 2017. Click for information on the conference schedule and to register.
In drilling down on the type of malware attacks, Nevada by far posted the greatest first quarter increase in botnet incidents, with SMBs there seeing the gambling state hit with a massive 5,600% spike in that type of attack over the previous year. Kujawa pointed to Nevada's tourism industry and its need to deliver reliable connectivity to its customers. That makes the state an attractive botnet target that leaves SMBs scrambling to keep their proverbial lights on.
Ransomware attacks on New Mexico's SMBs posted a jump of 3,560% in the first quarter, which Dolly attributes to the region facing similar industry issues as Texas. Maryland SMBs, meanwhile, were busy in the first quarter fending off spyware attacks.
With the National Security Agency headquartered in Maryland, spyware thieves may be angling to infiltrate SMBs that are vendors to NSA, as well as tap into hotels where government workers may frequent, says Kujawa.
Members of the National Small Business Association overall worry about cyberattacks and malware, especially when it comes to the effect on their customers, a spokesperson for the association says.
"Our members are very concerned with malware – both in the fact that some kinds that may not be necessarily 'stealing money,' can pose significant problems especially if it's somehow infected your website. That can lead to spreading the malware to your customers and even getting blacklisted on Internet search platforms – which is a huge problem if you do any kind of online commerce," she says.
Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio