The report paints a concerning picture of the evolving cyber threat landscape, noting that serious and actionable attacks have increased by more than 20% globally. However, the company emphasizes that the issue is not just the rise in attacks, but how organizations respond-or fail to respond-to them.

According to the report, high and medium severity attacks surged by 20.8% to 13.15 billion hits. Interestingly, attackers are not necessarily increasing the volume of attacks but are becoming more precise and targeted, often leveraging artificial intelligence to exploit vulnerabilities more efficiently.

SonicWall's data, collected from its global network of over one million security sensors, also reveals that automated bots are responsible for over 36,000 vulnerability scans every second, accounting for more than half of all internet traffic. Meanwhile, malicious bot traffic now constitutes approximately 37% of global internet activity, highlighting the scale of automated cyber threats.

Another key finding is the growing risk from compromised identities. The report states that identity, cloud, and credential-based attacks account for nearly 85% of actionable security alerts, indicating that stolen passwords remain one of the most common entry points for attackers.

SMBs, in particular, are bearing the brunt of ransomware attacks. The report highlights that 88% of breaches in SMBs involved ransomware in 2025, a figure more than double that seen in large enterprises. Additionally, IoT-related attacks have also increased, with over 609 million incidents recorded.

Speaking on the findings, Michael Crean, SVP and GM of Managed Security Services at SonicWall, said, "The vast majority of attacks we're seeing are basic fundamentals that continue to be missed. The danger isn't that AI isn't working; it's that we're using it as an excuse not to do the things we already know we should."

A central theme of the report is the identification of what SonicWall calls the "Seven Deadly Sins of Cybersecurity." These include ignoring basic security practices, overestimating security readiness, overexposed access systems, reactive security approaches, cost-cutting in security investments, reliance on outdated access models like VPNs, and chasing advanced tools without proper implementation.

Crean further noted, "The organizations that suffer the most are not failing because of sophisticated attacks, they're failing because of predictable, preventable gaps."

Debasish Mukherjee, Vice President of Sales, APJ at SonicWall, added, "SMBs continue to be impacted by gaps in fundamental security practices. As attackers become more precise and AI-enabled, closing these gaps will be critical for strengthening resilience."

The report emphasizes that cybersecurity failures are often not due to lack of technology but due to poor execution of existing security measures. It also aims to guide MSPs and MSSPs in translating technical risks into actionable business insights for better decision-making.

With cyber threats becoming more targeted and persistent, the report underscores the urgent need for SMBs to strengthen their security posture, focusing on fundamentals, proactive monitoring, and effective implementation to mitigate risk.