Networks that underpin vital parts of society are the most frequently attacked by cyber threat actors. This is one of the findings from the brand-new BlackBerry® Global Threat Intelligence Report. The quarterly report details millions of cyberattacks against services we can’t live without such as banks, hospitals, utilities, and mobile phone carriers.
Here are some key cybersecurity data points from the new report.
The adage that “cyberattacks are increasing” is a constant refrain among those in security and the new BlackBerry report proves that statement is true. BlackBerry cybersecurity solutions stopped more than 5.2 million cyberattacks across all sectors during the four-month reporting period from Sept. 1 to Dec. 31, 2023. The number of cyberattacks increased 19% compared with our previous reporting period.
Based on total attacks, BlackBerry stopped an average of 31 attacks every minute of every day, up 19 percent from 26 attacks per minute during the previous reporting period.
The Global Threat Intelligence Report also quantifies the number of cyberattacks bombarding those in critical infrastructure. This sector includes communications, defense, energy, finance, government, healthcare, transportation, and utilities.
Threat actors launched, and BlackBerry stopped, well over two million cyberattacks against critical infrastructure. This represents 62% of all attacks stopped during the reporting period.
As you can see in the diagram above, threat actors also targeted those in the commercial enterprise sector quite significantly. The commercial enterprise category includes retailers, manufacturing, wholesale distributors, and professional services.
The Blackberry Global Threat Intelligence Report uncovered a 27% increase in attacks using unique malware compared to the previous reporting period. Novel malware (as opposed to commodity or “off-the-shelf" malware) is typically used when the attacker is highly interested in a specific organization or sector. Currently, BlackBerry solutions are stopping 3.7 unique hashes per minute, up from 2.9 novel hashes recorded during the last reporting period.
"We're consistently seeing increased volumes of attack in highly lucrative industries using novel malware," said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry. "Novel malware typically indicates specific motivations from threat actors towards particular attack targets with intent to evade defenses, which are often based on static signatures."
Continues Valenzuela, "We've reached a pivotal point where traditional detection methods alone are not enough to combat this increasingly complex problem. AI is already being weaponized by malicious entities, so it must equally be the dominant tool for detection and defense."
Register today for the Global Threat Intelligence Report Deep Dive: March 2024 Edition webinar, where Valenzuela and Geoff O’Rourke, Senior Technical Lead for BlackBerry Threat Research and Intelligence, will share what cyber defenders should take-away from this quarter’s report.
The BlackBerry Global Threat Intelligence Report provides actionable and contextual cyber threat intelligence to help you and your organization combat cyberthreats.
The report has several sections devoted to identifying and blocking the dominant threats during this period and describes the most prevalent threats against specific operating systems.
In addition, you'll find these resources:
Incident response and analysis from the BlackBerry® Cybersecurity Services Incident Response (IR) team.
Prevalent Common Vulnerabilities and Exposures (CVEs) threat actors are utilizing now.
The top 20 techniques (from the MITRE ATT&CK® framework of 300) used for cyberattacks during the timeframe analyzed in the report.
Analysis from the thousands of alerts received by the BlackBerry MDR team using CylanceGUARD®, which is a subscription-based managed detection and response (MDR) service that provides 24x7x365 monitoring for organizations of all sizes.
Collectively, the data and analysis in this report are crucial tools for understanding today’s threat landscape and the countermeasures you can take to help defend your organization.
