๐ A harsh reality
The developers who build web platforms will leaveโฆ
The specialists who configure the infrastructure will leaveโฆ
The engineers who promise to fix vulnerabilities later will leaveโฆ
But vulnerabilities remain, becoming easy targets for malicious actors if not identified and addressed in time.
What cyber threats affect SMEs the most?
SMEs are increasingly exposed to cyber risks, and attackers exploit any security weakness. The biggest challenges include:
โ
Unpatched vulnerabilities โ 80% of reported incidents in Romania are linked to missing updates and security patches (Beman ASE).
โ
Rise in ransomware attacks โ In Europe, ransomware attacks increased by 64% between 2022 and 2024 (Digital SME).
๐ Global and regional context:
๐ 2023: International reports show a global 79% increase in ransomware incidents in 2023 compared to 2022, with a 27% rise in affected companies worldwide.
๐ 2024: In France, 74% of organizations reported cyberattacks in 2024, but it is unclear if these include ransomware exclusively.
๐ช๐บ Trends in Europe and Romania:
๐ The Cyberint Report (2024) highlights an escalation in ransomware attack sophistication across Europe, including multi-layer extortion and AI-powered techniques. While no year-over-year comparative figures are provided, the report notes increased risk due to geopolitical conflicts and the rise of Malware-as-a-Service (MaaS).
๐ DNSC reports a surge in application-level (L7) attacks in 2024, affecting financial services and e-commerce, though it is not specified if these include ransomware.
๐ Government sector: The APT group GoldenJackal compromised isolated systems in Europe in 2024, using malware for data theft.
โ
Limited cybersecurity budgets โ Many SMEs cannot afford advanced security solutions, making them easy targets for attackers.
How can SMEs protect themselves?
Without adequate measures, cyber risks can lead to significant financial and reputational damage. Protecting applications and IT infrastructure must be a priority. What solutions exist?
๐น Security testing โ Identifying and fixing vulnerabilities before they are exploited by malicious actors.
๐น Tailored security strategies โ SMEs must implement measures adapted to their specific needs.
๐น Awareness and training โ Employees need to be educated on cyber risks to prevent phishing and social engineering attacks.
A solid cybersecurity strategy and risk awareness can make the difference between a business at high risk of compromise and a more resilient one.