Study shows 61% of the time hackers exploit new vulnerabilities within two days.
SonicWall’s 2025 SonicWall Annual Cyber Threat Report reveals a continued onslaught of cyberattacks on SMBs.
Once exclusively targeting large enterprises, threat actors now use more efficient targeting and AI-driven attacks making it clear that organizations of all sizes, but particularly SMBs, can’t fight this battle alone — relying on the expertise of a trusted Managed Service Provider (MSP) to defend at-risk revenue and protect the integrity of brands and organizations.
SMBs are facing a storm of cyber threats, as attackers leverage automation, AI and advanced evasion techniques to evade traditional defenses.
These evolving tactics make it nearly impossible for businesses to defend themselves without dedicated cybersecurity expertise. As attack surfaces expand and the time to exploit vulnerabilities shrinks, SMBs must prioritize proactive security measures.
“Threat actors are moving at an unprecedented pace, exploiting new vulnerabilities within days, while we’re observing that it takes some organizations 120 to 150 days to apply a critical patch,” said SonicWall President and CEO Bob VanKirk.
“Now more than ever, businesses need the expertise of an MSP/MSSP backed by with real-time threat monitoring and SOC capabilities. Legacy security solutions are no longer enough, businesses must adopt a new mindset to stay ahead of modern cyber threats.”
SonicWall intelligence found that on average, companies were under critical attack – the type of attack most likely to deplete business resources – for 68 days.
Ransomware continues to rise, increasing 8% in North America and surging 259% in Latin America.
Malware spiked 8% year-over-year, while IoT attacks jumped 124% and encrypted threats climbed 93%.
The report provides insight on a range of threats, including:
- AI Automation Tools Lower Barrier for Entry While Increasing Attack Complexity – Server-Side Request Forgery (SSRF) attacks became a critical cybersecurity concern in 2024, marked by a dramatic 452% increase compared to 2023.
- Staggering Spike in Business Email Compromise (BEC) Attacks – Nearly one-third of all reported cyber events were BEC attacks, up dramatically from only 9% in 2023.
- The Escalation of Ransomware Attacks in 2024 – Ransomware was far and away the biggest threat to the healthcare industry, utilized in 95% of all breaches in this sector.
- Living Off the Land Binaries (LOLBins): No Laughing Matter – LOLBins are integral to fileless malware campaigns where attackers utilize native system tools to avoid leaving traditional artifacts, thus evading detection by conventional signature-based solutions.
“The data in this year’s threat report underscores a disturbing reality: threat actors are exploiting vulnerabilities at lightning speed, while organizations take far too long to respond,” said SonicWall Executive Director of Threat Research Douglas McKee.
“Our findings indicate that organizations struggle to keep their businesses safe from the ever-present cyber threats and the data that we gather paints a clear picture of the growing challenges they face. From ransomware surges to the rapid rise in IoT and encrypted threats, businesses are increasingly at risk.”
SonicWall’s patented Real-Time Deep Memory Inspection (RTDMI) technology identified a total of 210,258 ‘never-before-seen’ malware variants. The threat landscape remains complex, with over 630 strains of new variants discovered each day.