SK shieldus's security operations management center (SK shieldus) SK shieldus said Thursday that nearly 90 percent of ransomware attack reports in South Korea over the past five years came from small and medium-sized enterprises.Marking Small and Medium Enterprise Week, the company analyzed cyberattack trends and response patterns based on infringement cases handled by its dedicated response team Top-CERT between 2021 and 2025.According to the Korea Internet & Security Agency, SMEs accounted for 89.4 percent of ransomware attack reports during the period.SK shieldus found ransomware was the most common type of attack targeting SMEs, accounting for 44.9 percent of the total.Data theft accounted for 42.9 percent of cases, with cryptocurrency mining attacks also among the most common threats.The company said attackers primarily exploited weak security infrastructure and insufficient monitoring systems.The most common entry point was application vulnerabilities, which accounted for 20.8 percent of initial intrusions, followed by file upload exploits at 18.9 percent and VPN vulnerabilities at 15.4 percent.Other attack routes included malware-laden emails, watering hole attacks and exposed URLs, which were repeatedly identified in cases this year.The report also highlighted slow response times among SMEs after detecting security breaches. On average, companies took 106.1 days from identifying an attack to launching a formal investigation, while the longest recorded delay reached 700 days. More than 32 percent of affected firms took longer than 90 days to begin investigations.Cyberattacks were more frequent outside working hours, with 53.2 percent happening between 6 p.m. and 5 a.m.By industry, manufacturing firms accounted for the largest number of cases that involved losses or damage, at 47.4 percent, followed by information services at 15.8 percent and finance at 10.5 percent. Education and distribution companies also reported multiple incidents.“Limited personnel and resources are making it increasingly difficult for SMEs to respond to cybersecurity risks,” an SK shieldus official said. “We will continue expanding support to help smaller companies build dedicated security systems.”