SonicWall recently released their 2025 SonicWall Annual Cyber Threat Report, revealing a continued onslaught of cyberattacks on small and mid-sized businesses (SMBs). Threat actors now use more efficient targeting and AI-driven attacks making it clear that SMBs and organizations of all sizes can’t fight this battle alone.
According to SonicWall, SMBs are facing a storm of cyber threats, as attackers leverage automation, AI, and advanced evasion techniques to evade traditional defenses. These evolving tactics make it difficult for businesses to defend themselves without dedicated cybersecurity expertise. As attack surfaces expand and the time to exploit vulnerabilities shrinks, SMBs are challenged to prioritize proactive security measures.
“Threat actors are moving at an unprecedented pace, exploiting new vulnerabilities within days, while we’re observing that it takes some organizations 120 to 150 days to apply a critical patch,” said President and CEO Bob VanKirk.
SonicWall intelligence found that on average, companies were under critical attack – the type of attack most likely to deplete business resources – for 68 days in 2024. Additional findings included:
- Ransomware continues to rise, increasing eight percent in North America and surging 259 percent in Latin America.
- Malware spiked eight percent year-over-year, while IoT attacks jumped 124 percent and encrypted threats climbed 93 percent.
- AI automation tools can lower barriers to entry, but are also helping hackers to increase attack complexity.
- Server-Side Request Forgery (SSRF) attacks became a critical cybersecurity concern in 2024, marked by a dramatic 452 percent increase compared to 2023. SSRFs allow an attacker to trick a web application into making requests to internal or external resources on behalf of the server, potentially providing unauthorized access to sensitive data.
- Nearly one-third of all reported cyber attacks were of the business email compromise (BEC) variety, up from nine percent a year ago.
- SonicWall’s patented Real-Time Deep Memory Inspection® (RTDMI®) technology identified a total of 210,258 ‘never-before-seen’ malware variants. The threat landscape remains complex, with over 630 strains of new variants discovered each day.
To learn more about SonicWall and get the complete 2025 SonicWall Cyber Threat Report, visit www.sonicwall.com/threat-report.