SonicWall Releases 2025 Annual Cyber Threat Report: Key Cybersecurity Trends Revealed
DUBAI — SonicWall has released its 2025 Annual Cyber Threat Report, revealing a continued onslaught of attacks on small and mid-sized businesses. Once exclusively targeting large enterprises, threat actors now use more efficient targeting and automated tools, making it clear that SMBs cannot fight this battle alone.
According to the report, companies were under critical attack the type most likely to deplete business resources — for an average of 68 days. Ransomware continued to rise, increasing 8 percent in North America and surging 259 percent in Latin America. Malware spiked 8 percent year‑over‑year, while IoT attacks jumped 124 percent and encrypted threats climbed 93 percent.
One of the most alarming findings: nearly one‑third of all reported cyber events were Business Email Compromise attacks, up dramatically from only 9 percent in 2023. Server‑Side Request Forgery attacks also saw a 452 percent increase, as automated tools lower the barrier for entry while increasing attack complexity.
“Threat actors are moving at an unprecedented pace, exploiting new vulnerabilities within days, while we’re observing that it takes some organisations 120 to 150 days to apply a critical patch,” said President and CEO Bob VanKirk. “Legacy security solutions are no longer enough.”
SonicWall’s patented detection technology identified 210,258 “never‑before‑seen” malware variants — over 630 new strains discovered each day. Ransomware was the biggest threat to the healthcare industry, utilised in 95 percent of all breaches in that sector.
The report urges businesses to rely on managed service providers with real‑time threat monitoring and security operations capabilities. “We’ve seen firsthand how SonicWall’s expanded portfolio and global security reach have helped us better protect our clients,” said Nick Sabatini of Ubeo.
To learn more about SonicWall Releases 2025 Annual Cyber Threat Report, please visit www.sonicwall.com/threat-report.
