Threat Actors Are Moving Faster Than Ever: SonicWall Warns SMBs and Highlights the Importance of Not Fighting Alone

• 61% of the time hackers exploit new vulnerabilities within 2 days
• The average organization 120-150* days to apply a patch
• SonicWall detected 210,258 ‘never-before-seen’ malware variants – 637 each day
• Ransomware intensifies in North America (+8%) and explodes in LATAM (+259%)
• Malware trended up 8% YoY, including a massive 92% spike in May alone
• IoT attacks (+124%) and encrypted threats (+93%) continue to climb globally
• Identity, cloud, and credential compromise account for 85% actionable alerts 

MILPITAS, Calif. — February 25, 2025 — SonicWall today released the 2025 SonicWall Annual Cyber Threat Report, revealing a continued onslaught of cyberattacks on small and mid-sized businesses (SMBs). Once exclusively targeting large enterprises, threat actors now use more efficient targeting and AI-driven attacks making it clear that SMBs and organizations of all sizes can’t fight this battle alone. To protect their revenue and brand integrity, businesses can rely on the expertise of a trusted Managed Service Provider (MSP), gaining advanced threat intelligence and proactive defense strategies to stay ahead of evolving cyber threats.

SMBs are facing a storm of cyber threats, as attackers leverage automation, AI, and advanced evasion techniques to evade traditional defenses. These evolving tactics make it nearly impossible for businesses to defend themselves without dedicated cybersecurity expertise. As attack surfaces expand and the time to exploit vulnerabilities shrinks, SMBs must prioritize proactive security measures. 

“Threat actors are moving at an unprecedented pace, exploiting new vulnerabilities within days, while we’re observing that it takes some organizations 120 to 150 days to apply a critical patch,” said President and CEO Bob VanKirk. “Now more than ever, businesses need the expertise of an MSP/MSSP backed by with real-time threat monitoring and SOC capabilities. Legacy security solutions are no longer enough, businesses must adopt a new mindset to stay ahead of modern cyber threats.”

The cyber threat report provides insight, in particular for SMBs, and highlights why businesses of all sizes shouldn’t go it alone in the fight against cybercrime. SonicWall is aggressively growing our network of managed service providers to defend SMBs against the ever-evolving threat actors. 

“With the increasing speed and sophistication of cyber threats, we needed a partner that could provide real-time threat intelligence and proactive security,” said Nick Sabatini, Vice President of Managed Services at Ubeo. “Ubeo is focused on best-in-class partners that bring innovation and flexibility to meet our customers' needs, and SonicWall’s SOC services allow us to deliver 24/7 monitoring and rapid threat response, ensuring our customers stay protected without the burden of managing security alone. Their expertise and advanced security solutions empower us to protect businesses against today’s relentless cyberattacks. We've seen firsthand how SonicWall's expanded portfolio and global security reach have helped us better protect our clients and respond to the increasingly sophisticated threat landscape."

Cyber Threats Surge, Businesses at Risk

SonicWall intelligence found that on average, companies were under critical attack – the type of attack most likely to deplete business resources – for 68 days in 2024. Ransomware continues to rise, increasing 8% in North America and surging 259% in Latin America. Malware spiked 8% year-over-year, while IoT attacks jumped 124% and encrypted threats climbed 93%. 

The 2025 SonicWall Cyber Threat Report provides insight on a range of threats, including: 

• AI Automation Tools Lower Barrier for Entry While Increasing Attack Complexity - Server-Side Request Forgery (SSRF) attacks became a critical cybersecurity concern in 2024, marked by a dramatic 452% increase compared to 2023.
• Staggering Spike in Business Email Compromise (BEC) Attacks – Nearly one-third of all reported cyber events were BEC attacks, up dramatically from only 9% in 2023.
• The Escalation of Ransomware Attacks in 2024 – Ransomware was far and away the biggest threat to the healthcare industry, utilized in 95% of all breaches in this sector. 

• Living Off the Land Binaries (LOLBins): No Laughing Matter – LOLBins are integral to fileless malware campaigns, where attackers utilize native system tools to avoid leaving traditional artifacts, thus evading detection by conventional signature-based solutions.

“The data in this year’s threat report underscores a disturbing reality: threat actors are exploiting vulnerabilities at lightning speed, while organizations take far too long to respond,” said SonicWall Executive Director of Threat Research Douglas McKee. “Our findings indicate that organizations struggle to keep their businesses safe from the ever-present cyber threats, and the data that we gather paints a clear picture of the growing challenges they face. From ransomware surges to the rapid rise in IoT and encrypted threats, businesses are increasingly at risk.”

Patented RTDMI Discovered ‘Never-Before-Seen’ Malware Variants

SonicWall’s patented Real-Time Deep Memory Inspection® (RTDMI®) technology identified a total of 210,258 ‘never-before-seen’ malware variants. The threat landscape remains complex, with over 630 strains of new variants discovered each day. 

To learn more about SonicWall and get the complete 2025 SonicWall Cyber Threat Report, please visit www.sonicwall.com/threat-report. 

*As cited in Security Intelligence: How Do You Measure the Success of Your Patch Management Efforts?

About SonicWall Capture Labs

SonicWall Capture Labs threat researchers gather, analyze and vet cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories. SonicWall Capture Labs, which pioneered the use of artificial intelligence for threat research and protection over a decade ago, performs rigorous testing and evaluation on this data, establishes reputation scores for email senders and content, and identifies new threats in real-time.

About SonicWall

SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as a leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit www.sonicwall.com or follow us on Twitter, LinkedIn, Facebook and Instagram.