7 Key Findings: BlackBerry Threat Researchers Analyze Millions of Cyberattacks
BlackBerry’s latest Global Threat Intelligence Report offers a sobering look into the current state of cyberthreats, providing crucial insights for Chief Information Security Officers (CISOs) and other cybersecurity professionals, to help you stay ahead of malicious actors.
Watch the Global Threat Intelligence Report Deep Dive Webinar on-demand to hear directly from researchers, or read this blog for a brief overview focusing on seven key findings from the BlackBerry Threat Research and Intelligence Team.
New Cyberthreat Findings from BlackBerry Report
Here are seven trends uncovered by BlackBerry researchers who created the latest version of the report.
1. A Record Number of Cyberattacks
BlackBerry® cybersecurity solutions detected and halted a staggering 3.1 million cyberattacks in the first quarter of 2024, averaging an alarming 37,000 attacks per day. This is the highest number of attacks BlackBerry has ever blocked in a single quarter.
Another notable finding in the report is that an overwhelming 82 percent of cyberattacks targeted the United States.
2. Another Major Surge in Unique Malware Utilized for Attacks
The rate at which new malware is being developed is startling. BlackBerry observed 630,000 unique malicious hashes used in attacks during the quarter—a 40 percent increase in novel hashes compared with the previous reporting period. This equates to an average of 7,500 unique malware samples per day, or 5.2 per minute.
This relentless innovation by cybercriminals poses a significant challenge for cybersecurity defenses and it's the reason we believe in AI to Stop Cyberthreats: Why Organizations Can No Longer Wait.
“Each iteration of this report highlights startling new trends: novel malware is growing with no signs of stopping, and threat actors are highly motivated, be it for financial gain or to create chaos,” said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry.
3. Critical Infrastructure Remains a High-Value Target
Threat actors used most of their unique malware to attack critical infrastructure, which indicates they see this sector as a top target for payouts and disruption. Sixty percent of novel malware attacks targeted critical infrastructure sectors including government, healthcare, financial, and communication industries.
4. Commercial Enterprise Threats on the Rise
Commercial enterprises, including sectors such as retail, manufacturing, automotive, and professional services, saw a 10 percent jump in the emergence of new malware targeting their organizations. Social engineering tactics are increasingly being used to obtain account credentials and distribute malware, heightening the need for robust security measures.
5. Threat Actor Use of CVEs and Vulnerabilities
Common Vulnerabilities and Exposures (CVEs) continue to be a major avenue for cyberattacks. Of the nearly 8,900 CVEs reported, 56 percent were given a severity score of at least seven out of ten. This highlights the critical need for organizations to stay vigilant and promptly address known vulnerabilities to mitigate risks.
6. Persistent Ransomware Threats
Despite efforts by law enforcement to dismantle ransomware groups, threats from cybercriminal entities like LockBit, Hunters International, and 8Base remain pervasive. These malicious groups continue to adapt their tactics, making ransomware a persistent threat to organizations worldwide. The BlackBerry Threat Research and Intelligence Team predicts that threat actors will continue to put special emphasis on ransomware and infostealers.
7. A Spike in Geopolitical Influences on Cyberthreats
The global political climate is heavily influencing the cyber threat landscape. With geopolitical tensions on the rise, such as Russia’s invasion of Ukraine and ongoing conflicts in the Middle East, threat actors are leveraging these situations to refine their targets and methodologies. Disinformation and deepfake campaigns are also becoming more widespread, further eroding the public trust in political institutions.
BlackBerry's Valenzuela says, “In a year when over 50 countries are holding elections, geopolitical tensions are at an all-time high, and every nation will soon be fixated on the Olympic Games, the threat landscape can feel overwhelming to navigate. This report provides a snapshot of where threat actors are looking, how they are operating, and what we can expect in the coming months so defenders can be one step ahead.” Hear more analysis from Valenzuela in this on-demand webinar.
Staying One Step Ahead
For IT professionals, cybersecurity experts and CISOs, staying ahead of these threats requires continuous vigilance and adaptation. The June 2024 Edition of the BlackBerry Global Threat Intelligence Report provides highly actionable information to help you understand where threat actors are focusing their efforts and how they operate. Download the report, here.
