BlackBerry report: Cyber threats up 53%, critical sectors hit

BlackBerry has released its latest Global Threat Intelligence Report, which indicates a significant rise in cyber threats.

The report highlights a 53% increase in unique malware samples, with BlackBerry solutions detecting and thwarting an average of 11,500 new malware samples daily between April and June 2024. This marks one of the largest quarter-over-quarter increases that the company has ever recorded.

The report also reveals that the company managed to stop approximately 3.7 million cyberattacks during the same period, averaging 43,500 attacks each day. This figure represents an 18% increase in the total number of attacks compared to the previous reporting period. A substantial portion of these attacks targeted critical infrastructure sectors such as government, manufacturing, agriculture, and financial services, which accounted for over 800,000 of the thwarted attacks.

"As new threat groups emerge and established, legacy threat groups survive takedown attempts, they focus on developing new malware. This signals that these groups are allocating their resources to prioritise the impact of their attacks rather than sheer volume," said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry. He further explained that even minor alterations in malware could significantly increase the success and severity of these attacks.

The report underscores the persistent threat to critical infrastructure, noting that 41% of all cyberattacks were aimed here. Of particular concern, 50% of these attacks were directed at the financial services sector, marking a 25% increase over the previous period. The heightened targeting of financial services reiterates the lucrative nature of this sector for cybercriminals.

Geopolitical tensions have also been identified as a significant driving force behind the surge in cyberattacks. The report mentions conflicts such as those between Russia and Ukraine, Israel and Hamas, and in the South China Seas. Alongside these, national elections across various countries have seen increased disinformation and cyber disruptions.

Commercial enterprises have not been spared either, witnessing a 21% increase in cyberattacks. The diversity of devices used in enterprises—from point-of-sale terminals to mobile phones and printers—offers more opportunities for attackers. Within this category, 66% of the thwarted attacks were directed at capital goods, which include manufacturing equipment and office machinery.

Technological advancements in deepfake technology have also played a role in the uptick of cyber threats. This manipulation of digital media—whether images, video, or audio—has made it easier for attackers to deceive individuals and conduct more effective social engineering attacks. BlackBerry's recent white paper on deepfakes highlights this growing concern.

The report also touches on how cybercriminals exploit chaotic situations, such as wars, natural disasters, and IT outages, to launch attacks. These moments of instability offer numerous opportunities for malicious actors to employ phishing emails, misleading social media posts, and malicious software.

Emerging ransomware groups such as BlackSuit and Space Bears were noted as new threats alongside legacy groups like LockBit. BlackBerry's Threat Intelligence and Research team predicts that threat actors will continue to refine their methodologies to target victims more effectively, with private data remaining a highly sought-after commodity.

This particular edition of the report also includes insights from the Royal Canadian Mounted Police's National Cybercrime Coordination Centre (NC3), emphasising the importance of public-private cooperation in cybersecurity efforts.