Cybercrooks diversify tactics to bypass defensive controls

BlackBerry said there was a 40% increase in cyberattacks aimed at  government agencies and the public services sector, adding that its AI-driven cybersecurity solutions stopped 55,000 individual attacks overall between March and May 2023.

“Governments and public services, such as public transit, electricity, water services, schools, and non-profit organisations, stand as unfortunate bullseyes for cybercriminals and other threat actors, whose attacks seek to wreak maximum havoc and who often times face very little resistance,” said Ismael Valenzuela, VP of threat research and intelligence at BlackBerry. 

“With limited resources and immature cyber defense programs, these organisations are struggling to defend against the double pronged threat of both nation states and cybercriminals,” said Valenzuela. “Now, more than ever, they need access to actionable cyber intelligence to direct and strengthen their security strategies, while safeguarding the vital services, institutions, and trust upon which our societies thrive.”

The latest BlackBerry Global Threat Intelligence Report also shows that, from March to May, BlackBerry stopped over 1.5 million attacks. 

Threat actors deployed an average of 1.7 new malware samples per minute, a 13% increase from the previous reporting period’s average of 1.5 new samples per minute, highlighting attackers’ work to diversify their tooling to bypass defensive controls.

Also, in healthcare, the convergence of valuable data and critical services presents a lucrative target for cybercriminals. BlackBerry said it stopped at least 109,922 attacks across the healthcare sector from March to May. 

As ransomware groups continue to target organisations in these industries with information-stealing malware, the report highlights the importance of securing patient data and safeguarding the delivery of essential medical services.

Financial services institutions are facing persistent threats through smartphone-centric commodity malware, ransomware attacks, and the rise of mobile banking malware targeting the growing trend of digital banking services. 

The report explores cybersecurity challenges for the financial sector as threat actors exploit an online-banking-first mindset.