Threat Actors Are Moving Faster Than Ever
SonicWall today released the 2025 SonicWall Annual Cyber Threat Report, revealing a continued onslaught of cyberattacks on small and mid-sized businesses (SMBs). Once exclusively targeting large enterprises, threat actors now use more efficient targeting and AI-driven attacks making it clear that SMBs and organisations of all sizes can’t fight this battle alone — relying on the expertise of a trusted Managed Service Provider (MSP) to defend at-risk revenue and protect the integrity of brands and organisations.
SMBs are facing a storm of cyber threats, as attackers leverage automation, AI and advanced evasion techniques to evade traditional defences. These evolving tactics make it nearly impossible for businesses to defend themselves without dedicated cybersecurity expertise. As attack surfaces expand and the time to exploit vulnerabilities shrinks, SMBs must prioritise proactive security measures.
“Threat actors are moving at an unprecedented pace, exploiting new vulnerabilities within days, while we’re observing that it takes some organisations 120 to 150 days to apply a critical patch,” said President and CEO Bob VanKirk. “Now more than ever, businesses need the expertise of an MSP/MSSP backed by with real-time threat monitoring and SOC capabilities. Legacy security solutions are no longer enough, businesses must adopt a new mindset to stay ahead of modern cyber threats.”
The report provides insight, in particular for SMBs, and highlights why businesses of all sizes shouldn’t go at it alone in the fight against cybercrime. SonicWall is aggressively growing its network of managed service providers to defend SMBs against the ever-evolving threat actors.
“With the increasing speed and sophistication of cyber threats, we needed a partner that could provide real-time threat intelligence and proactive security,” said Nick Sabatini, Vice President of Managed Services at Ubeo. “Ubeo is focused on best-in-class partners that bring innovation and flexibility to meet our customers’ needs, and SonicWall’s SOC services allow us to deliver 24/7 monitoring and rapid threat response, ensuring our customers stay protected without the burden of managing security alone. Their expertise and advanced security solutions empower us to protect businesses against today’s relentless cyberattacks. We’ve seen firsthand how SonicWall’s expanded portfolio and global security reach have helped us better protect our clients and respond to the increasingly sophisticated threat landscape.”
Cyber Threats Surge, Businesses at Risk
SonicWall intelligence found that on average, companies were under critical attack – the type of attack most likely to deplete business resources – for 68 days. Ransomware continues to rise, increasing 8% in North America and surging 259% in Latin America. Malware spiked 8% year-over-year, while IoT attacks jumped 124% and encrypted threats climbed 93%.
Here in the Middle East, and particularly in GCC countries such as the UAE and Saudi Arabia that have stepped up their shift to a digitised future, cyberattacks have the potential to derail these efforts entirely. Meanwhile, the increased threat surface has also intensified risk — the total number of cyberattacks in the UAE and Saudi Arabia combined has jumped 25% in 2024, when compared to the previous year.
The 2025 SonicWall Mid-Year Cyber Threat Report provides insight on a range of threats, including:
- AI Automation Tools Lower Barrier for Entry While Increasing Attack Complexity – Server-Side Request Forgery (SSRF) attacks became a critical cybersecurity concern in 2024, marked by a dramatic 452% increase compared to 2023.
- Staggering Spike in Business Email Compromise (BEC) Attacks – Nearly one-third of all reported cyber events were BEC attacks, up dramatically from only 9% in 2023.
- The Escalation of Ransomware Attacks in 2024 – Ransomware was far the biggest threat to the healthcare industry, utilised in 95% of all breaches in this sector.
- Living Off the Land Binaries (LOLBins): No Laughing Matter – LOLBins are integral to fileless malware campaigns, where attackers utilise native system tools to avoid leaving traditional artefacts, thus evading detection by conventional signature-based solutions.
“The data in this year’s threat report underscores a disturbing reality: threat actors are exploiting vulnerabilities at lightning speed, while organisations take far too long to respond,” said SonicWall Executive Director of Threat Research Douglas McKee. “Our findings indicate that organisations struggle to keep their businesses safe from the ever-present cyber threats, and the data that we gather paints a clear picture of the growing challenges they face. From ransomware surges to the rapid rise in IoT and encrypted threats, businesses are increasingly at risk.”
Patented RTDMI Discovered ‘Never-Before-Seen’ Malware Variants
SonicWall’s patented Real-Time Deep Memory InspectionTM (RTDMITM) technology identified a total of 210,258 ‘never-before-seen’ malware variants. The threat landscape remains complex, with over 630 strains of new variants discovered each day.
Last Updated on 13 hours by News Desk 1
