Actionable Intelligence for CISOs: BlackBerry’s 2025 Global Threat Intelligence Report
Deepfakes, hacked telecommunication networks and ransomware families run amok. If you’re a CISO or cybersecurity leader, it's an around-the-clock job to track every threat. But a succinct threat summary can help — especially one that examines the most prevalent cyberthreats and their precursors, along with defensive steps your team can take right now. If this is what you’re looking for, you’re in the right place, because BlackBerry just published its January 2025 Global Threat Intelligence Report.
“Our attack surface has never been wider, with threat actors and nation states broadening their horizons into cyber espionage attacks, while ransomware groups are becoming more sophisticated in their campaigns,” said Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry.
“However, we’ve also never been better prepared. We have the tools, technology, and protocols to protect ourselves and mitigate the impact of attacks, and our industry is equipped to keep up with changes in threat actor methodology,” he added.
2025 Global Threat Overview
The Global Threat Intelligence Report highlights the threats BlackBerry® cybersecurity solutions stopped along with emerging trends in the cybersecurity threat landscape. Between July and September 2024, BlackBerry detected 600,000 attacks against critical infrastructure and thwarted nearly two million cyberattacks overall. Researchers also documented more than 3,000 unique malicious hashes targeting our customers each day.
Image: Overall cyberattacks stopped by industry (left) and sectors targeted most often with unique hashes (right).
Ransomware Threat Evolution Continues
In the report, BlackBerry threat researchers explore prevalent ransomware threats, look at specific threat actors, and share the state of the ransomware landscape:
“More recently, ransomware operations have added a third element of extortion. As opposed to only exfiltrating data and threatening to post it online, some ransomware operations are taking the time to analyze stolen data and weaponize it to increase pressure on victims who refuse to pay. This strategy may involve doxing the family members of targeted CEOs and business owners, as well as threatening to report any information about illegal business activities uncovered in the stolen data to the authorities. The ransomware operators may threaten to contact customers or clients, or worse, launch additional attacks if ransom demands are not met.”
The BlackBerry report also features an update from the Royal Canadian Mounted Police’s National Cyber Crime Coordination Centre (NC3). Together, our two organizations share intelligence on the rise of new ransomware groups, top ransomware threats, and challenges for law enforcement in combatting cyberattacks.
Actionable Threat Intelligence for 2025
The BlackBerry Global Threat Intelligence Report was created to be actionable for you and your organization. Download the report to learn:
- The latest trends and dangers from deepfakes
- Communications security threats and mitigations
- Key threat actors, tools and defensive maneuvers
- Ransomware’s evolution and warning signs that your organization is being targeted
- How to protect your remote monitoring and management (RMM) tools
The report concludes with a look at the latest MITRE attack techniques threat actors are using and a series of intelligence-based predictions for 2025 from our Threat Research team, including this one:
“As we move into 2025, we expect attackers to increasingly target telecom infrastructure rather than individual devices, allowing them to intercept communications at scale.”
Read the report for yourself to learn more.
Download: BlackBerry Global Threat Intelligence Report, January 2025 Edition
Watch: Global Threat Intelligence Report Deep Dive Webinar
