Huntress Unveils Inaugural SMB Threat Report, Observes a Large Spike in Business Email Compromise

Inside look at hacker trends impacting small to medium-sized businesses and the MSPs who defend them

Columbia, Maryland


ELLICOTT CITY, Md., Nov. 21, 2023 (GLOBE NEWSWIRE) -- Huntress, the Managed Security Platform for small and mid-sized businesses (SMBs) and the Managed Service Providers (MSPs) that support them, unveiled their inaugural SMB Threat Report. This first-of-its-kind report delivers valuable insights on emerging cyber threats and tradecraft targeting SMBs, and offers critical knowledge on how businesses can defend against them.

“The threat landscape is not slowing down. Threat actors are evolving their tradecraft to significantly impact SMBs, and our goal is to educate them and give them a fighting chance against the ever-evolving adversarial landscape. The Huntress SMB Threat Report serves as the definitive guide in helping MSP security professionals know what patterns in adversary tactics and behaviors are out there and how to protect their SMB customers,” said Joe Slowik, threat intelligence manager for Huntress.

The 5 Key Takeaways:

  • Conventional Malware On Its Way Out

    56% of incidents in Q3 2023 were “malware-free,” as adversaries use the tactic of exploiting scripting frameworks or legitimate tools, in place of malicious software. This reveals that the era of malware-driven cyberattacks is decreasing, paving the way for the acceleration of non-malware threats.
  • RMM Software Has Become a Double-Edged Sword

    65% of incidents in Q3 2023 involved threat actors using credential harvesting to gain access to victim environments through remote monitoring and management (RMM) software, a lifeline for IT administrators, or using rogue deployment to install RMM tools for access.
  • Business Email Compromise (BEC) is Posing a Big Problem for SMBs

    64% of identity-focused incidents in Q3 2023 involved malicious forwarding or other malicious inbox rules, a key indicator of business email compromise (BEC). Another 24% of identity-focused incidents involved logons from unusual or suspicious locations. Now favored as an intrusion vector, identity-based attacks are on the rise with threat actors targeting cloud services to steal identifying information or break into business emails.
  • Attackers Are Evading Detection by “Blending In”

    25% of incidents saw attackers abusing built-in tools like PowerShell and WMI as an intrusion tactic. Attackers have refined the art of deception; in order to evade detection, they are attempting to hide within the noise of legitimate network operations or use living-off-the-land tactics.
  • Ransomware Diversification Threatens SMBs

    60% of ransomware incidents were from uncategorized, unknown, or “defunct” ransomware strains. While we often hear about headline-grabbing ransomware entities, many lesser-known ransomware strains are prevalent in the SMB space. This diversity suggests that size is no deterrent for cyberattacks, and small businesses should not underestimate the risk posed by ransomware, regardless of the strain's notoriety.

The Huntress threat ops team leverages deep intelligence data from the Huntress managed security platform to deliver unique insights that will help SMBs and their MSPs mitigate their risk and protect their businesses.

Download the full report here.

About Huntress
Huntress is the leading cybersecurity partner for small and mid-sized businesses (SMBs) and the managed service providers that support them. Combining the power of the Huntress Managed Security Platform with a fully staffed 24/7 Security Operations Center (SOC), Huntress provides the technology, services, education, and expertise needed to help SMBs overcome their cybersecurity challenges and protect critical business assets. By delivering a suite of purpose-built solutions that meet budget, security, and peace-of-mind requirements, Huntress is how SMBs defend against cyberattacks.

Founded in 2015 by a group of former National Security Administration (NSA) operators, Huntress has more than doubled over the past couple of years to protect more than 2 million endpoints, supporting 4,300 partners and more than 115,000 organizations. The company recently closed a $60M series C led by Sapphire Ventures. For more information about Huntress, visit huntress.com or follow us on social media at @HuntressLabs on Twitter, Facebook, and LinkedIn.

Media Contact
Valerie Baccei
+1 (650) 400-7833
press@huntresslabs.com