Small businesses face nearly double cyberattacks in 2025, Guardz warns

Small and medium-sized businesses (SMBs) have experienced an alarming surge in cyberattacks this year, according to new research from cybersecurity company Guardz.

 

In a report released yesterday, Guardz said that cyberattacks on SMBs nearly doubled in the first half of 2025 compared to the same period in 2024 

 

Researchers found almost 100 ransomware detections across SMBs and a sharp increase in credential-based intrusions, including password compromises and credential stuffing.

 

Guardz warned that attackers are increasingly targeting small firms because they often lack dedicated IT security staff or advanced defenses. Many rely on cloud-based services without proper monitoring, making them easy targets for automated attacks.

 

The report echoes concerns from cyber insurers that ransomware is no longer confined to large enterprises.

 

 Instead, criminal groups are scaling down operations to maximize profits, frequently demanding smaller ransoms from under-protected businesses.

 

For SMBs, the financial and reputational consequences of a breach can be severe.

 

 Experts recommend cost-effective defenses such as multifactor authentication, frequent backups, patch management, and staff awareness training.

 

 “As attacks continue to escalate, small businesses must recognize that they are on the frontlines of cybercrime,” the Guardz report concluded.