In this post, I’ll help you understand what it tells us for SMBs, what it means, and what you should do about it.
Key takeaways from this report for SMBs include:
What the report tells us
To start, it can help to understand how we developed this report.
We collected data from Avast’s global threat detection network and built a snapshot of the threats from which Avast protected its PC users between March 16, 2021, and April 14, 2021. To keep the data statistically relevant, we included data from countries, territories, and regions with a sample size of at least 10,000 computers belonging to home users and at least 1,000 computers used by businesses during that month. This means if a country had less than 1,000 computers used by businesses, we didn’t include it in the report. It does not mean that those businesses had more than 1,000 computers each, so the information is gathered from and relevant to small and medium businesses, as well as larger ones.
The key finding overall is that the overall chance of business users encountering a cyberthreat has increased worldwide year over year by 24% from 11.25% in 2020 to 13.9% in 2021.
We also found that business users have a 2.29% chance of encountering an advanced threat (it was 1.98% in the previous year). An advanced threat is a threat by a sophisticated attacker like those we saw in the Colonial Pipeline and Kaseya ransomware attacks.
In the report, we show how likely business users in specific countries are to experience threats.
Below, you can see the threats business users faced globally from all threats:
Visualizing the percentage of business users that faced threats across the globe
We also include the top 10 and bottom 10 countries whose business users are facing threats.
Below, you can see the levels of advanced threats that business users faced globally:
Visualizing the percentage of business users that faced advanced threats across the globe
We also include the top 10 and bottom 10 countries whose business users are facing advanced threats.
Additionally, we looked at the risk of threats and advanced threats business users face globally over the course of several months, as shown in this graph.
For comparison, below are the risks of business users facing threats and advanced threats globally over 2020.
Finally, we looked at something that everyone has been rightly concerned about recently: ransomware.
In the early months of the pandemic in 2020, we saw an increase in ransomware attacks. Ransomware grew by 20% during March and April 2020 compared to January and February 2020. These attacks have continued at that elevated rate since then into the beginning of 2021.
We also found that ransomware payments have increased since the start of the pandemic in early 2020 and have increased by 43% from the last quarter of 2020 to arrive at an average of over $200,000.
What the data means
The clearest and simplest message out of all this is that attacks against business users are up significantly for all attacks and slightly for advanced attacks.
In terms of the risks that specific countries face, we can see significant overlap in the top 10 countries for both threats and advanced threats. In fact, the top four countries for threats are also on the top 10 for advanced threats: Armenia, China, Vietnam, and the Republic of Korea. Bangladesh, which is number seven in the top 10 threats, is also number four in the top 10 advanced threats.
With half of the countries appearing in both of the aforementioned threat-related lists, we can tell that the presence of threats and advanced threats go hand in hand in some parts of the world.
Interestingly, only three counties in the bottom 10 for threats were also in the bottom 10 for advanced threats: the Dominican Republic, Luxembourg, and Sweden. This indicates that countries that are better protected against threats may not be as well protected against advanced threats.
When we look at the graph showing the risk of threats and advanced threats faced by business users globally in 2021, we can see that it rose at the end of January and the beginning of February and has remained steady at this elevated rate since then.
When we compare with the graph showing the risk of threats and advanced threats faced by business users globally in 2020, it’s notable that there was a spike in both threats and advanced threats during the onset of the Covid-19 pandemic in February 2020 and that the current, elevated threat levels don’t match those levels. In other words, the threat level is elevated but not as elevated as it was at the start of the pandemic.
Ransomware is another story, however. It has both spiked and continuously grown in scope and cost since the start of the pandemic.
What you should do
First and foremost, take the time to go through the findings of the report in detail and analyze the specific risk ratio for countries in which you have business users. This will help you understand how much more or less at risk those business users are. For example, you can conclude that business users in China are facing a significantly greater risk of both threats and advanced threats than that of business users in Sweden.
Equipped with that information, you can (and should) look to increase your security for business users located in countries at higher risk.
Second, you can also use this information to fine-tune your security. For example, since business users in the United States are on the bottom 10 for threats but not for advanced threats, you can infer that it makes sense to focus your security more strongly in order to protect against advanced threats like ransomware.
The report provides a detailed breakdown of overall global trends. It makes it easy to see that the threat environment is elevated compared to the start of 2020, but it’s less elevated than it was in early 2020. If you haven’t increased your security since the start of 2020, it makes sense to increase it to match that elevated threat environment. However, even if you did significantly increase your security in the early days of the pandemic, it may be worth reevaluating the cost of some of the measures that you put in place and make minor adjustments — especially if those increased security measures have impacted or impaired your business.
Most importantly, consistent with what we’ve seen in the news, ransomware continues to increase both as a threat and in terms of its impact. While there have been certain signs that can be positive for the long-term battle against ransomware, the short-term picture continues to be serious. If you don’t have a specific plan in place to focus protections against ransomware infection and facilitate possible recovery, you should make it a priority to build them as soon as possible.
In addition to providing key information for SMBs, there’s also information in the report related to home users — and at the end of the day, everyone is a home user. Read the full report to learn more about what we’ve introduced and to get a complete picture of the current threat landscape.
14th April 2023
2nd October 2023
21st September 2023