Industry News and Events

SonicWall Data Reveals the Top Five Most Widespread Network Attacks Used Against Small Businesses

The last two years of firewall telemetry data, paints a clear picture of what attacks are most widespread amongst SMBs – demanding the need for prioritization

MILPITAS, Calif. — May 2, 2024 — A review of SonicWall telemetry data suggests that the most widespread network attacks to small businesses (SMBs) are older vulnerabilities with a large amount of publicly available information and affecting major vendors. In light of this data, prioritization is a critically important factor for today’s CISOs who are asked to manage and prioritize risk.

“In order to properly prioritize threats, we must first understand what attacks, vulnerabilities, and tactics are being used by our enemies,” said SonicWall Executive Director of Threat Research Doug McKee. “Relying too heavily on one factor (e.g., CVSS scores) can lead to an incomplete view of the risk associated with a vulnerability. Consider all factors together to develop a comprehensive understanding of the risk landscape and prioritize vulnerabilities accordingly.”

From January 2022 to March 2024, using SonicWall IPS data, SonicWall determined the most widespread attacks against small businesses. Here are the top five ranked:

  1. Log4j (CVE-2021-44228) - 43% of organizations were under attack
  2. Fortinet SSL VPN Path Traversal (CVE-2018-13379) - 35% of organizations were under attack
  3. Heartbleed (CVE-2014-0160) - 35% of organizations were under attack
  4. Atlassian Pre-Auth Arbitrary File Read (CVE-2021-26085) - 32% of organizations were under attack
  5. VMware SSRF (CVE-2021-21975) - 28% of organizations were under attack

The “newest” vulnerability on this list is almost three years old, and the oldest goes back almost a decade.  This suggests the biggest “win” for small businesses is to ensure they have a solid methodology in place for dealing with well-known vulnerabilities, regardless of the age of the threat.

“It is still very relevant to spend time and resources tracking down items like heart bleed and log4j, which is arguably more valuable than worrying about the latest AI threat or zero days in Microsoft with no publicly available exploit,” said McKee.

Prioritization is Key

Prioritization is a critical factor for today’s CISOs who are asked to manage and prioritize risk.  The largest challenge with supply chain issues like Log4j, is understanding simply – is it used and where?  Product security testing or other forms of deep technical analysis of the product used on your network is vital to ensure a business is protected from threats being used by attackers and therefore should take priority in terms of funding.

For more information visit www.sonicwall.com.

About SonicWall

SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.

latest stories

  • Les données sur les menaces de SonicWall révèlent la profondeur des cyberattaques et renforcent la nécessité de recourir à des fournisseurs de services managés (MSP)
    Les tentatives d’intrusion augmentent (+20 %), les auteurs de menaces diversifiant leurs tactiques : les attaques progressent dans le monde entier Les ransomwares s’intensifient tout au long de l...
    Read More
  • SonicWall tient sa promesse d’offrir plus de flexibilité avec ses services managés pour les terminaux
    SonicWall étend sa solution MDR (Managed Detection and Response) avec un centre d’opérations de sécurité (SOC) ouvert 24h/7j, propulsant la croissance de ses partenaires avec une suite de solutions ma...
    Read More
  • SonicWall accélère ses offres SASE et acquiert un fournisseur de sécurité cloud reconnu
    Avec l’acquisition de Banyan Security, SonicWall redouble d’efforts pour développer sa plateforme de sécurité cloud destinée au collaborateur distant moderne MILPITAS, Californie — 3 janvier 2024 — So...
    Read More