SonicWall has released its 2025 Annual Cyber Threat Report, highlighting the accelerating speed and sophistication of cyberattacks targeting small and mid-sized businesses (SMBs). The report underscores that threat actors now exploit vulnerabilities within two days, while organizations take an average of 120-150 days to apply patches, leaving them increasingly vulnerable to cyber threats.
With AI-driven automation and advanced evasion techniques, attackers are intensifying their focus on SMBs, making traditional security solutions insufficient. SonicWall detected 210,258 ‘never-before-seen’ malware variants in 2024, averaging 637 new threats per day. Ransomware continues to rise, with an 8% increase in North America and a staggering 259% surge in Latin America. Additionally, IoT attacks increased by 124%, while encrypted threats climbed by 93% year-over-year.
Key findings from the report include:
- Rapid Exploitation of Vulnerabilities: 61% of cyberattacks occur within two days of a vulnerability being discovered.
- Rising Malware and Ransomware Trends: 8% overall increase in malware attacks, with a 92% spike in May 2024 alone.
- Escalation of Business Email Compromise (BEC) Attacks: BEC incidents surged to account for nearly one-third of all reported cyber events.
- Living Off the Land Binaries (LOLBins) Tactics: Attackers increasingly use native system tools to avoid detection by traditional security measures.
- AI Automation Increasing Attack Complexity: Server-Side Request Forgery (SSRF) attacks spiked 452% compared to 2023.
“The data in this year’s threat report underscores a disturbing reality: threat actors are exploiting vulnerabilities at lightning speed, while organizations take far too long to respond,” said Douglas McKee, Executive Director of Threat Research at SonicWall. “Our findings indicate that businesses are struggling to keep pace with emerging threats, and the numbers reveal the growing challenge organizations face in securing their systems.”
SonicWall urges SMBs to partner with Managed Security Service Providers (MSSPs) for real-time threat monitoring and rapid response capabilities, emphasizing that businesses can no longer rely solely on legacy security solutions to combat modern cyber threats.
