BlackBerry has released its latest Global Threat Intelligence Report, highlighting a significant focus on the global financial sector by threat actors. The report reveals that over one million attacks were logged in just 120 days, primarily using commodity malware, indicating a large number of independent actors targeting the industry for financial gain.
The financial sector's high-value data has become a prime target, with critical infrastructure attacks, including those on government, healthcare, and communications industries, accounting for 62 percent of industry-related attacks from September to December 2023. BlackBerry's Threat Research and Intelligence team noted a 27 percent increase in novel malware, with 3.7 new malicious samples per minute being prevented by its AI-powered cybersecurity solutions.
Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry, emphasized the urgency of the situation: "We're consistently seeing increased volumes of attack in highly lucrative industries using novel malware. We've reached a pivotal point where traditional detection methods alone are not enough to combat this increasingly complex problem. AI is already being weaponized by malicious entities, so it must equally be the dominant tool for detection and defense."
Key findings from the report include:
62 percent of industry-related attacks targeted critical industries, with digitization and the prospect of debilitating national infrastructure attracting notorious gangs and Malware-as-a-Service (MaaS) groups.
33 percent of all threats targeted commercial enterprises, with the majority deploying information-stealing malware to access highly sensitive data.
Rapid weaponization of CVEs by threat actors, with ransomware gangs taking advantage of new Zero Day vulnerabilities and mass mobilizing against potentially vulnerable targets.
The report predicts that 2024 will see an increase in attacks targeting critical infrastructure and other profitable segments. VPN appliances are expected to remain desirable targets for nation-state-level threat actors, and there is likely to be a continued increase in supply chain cyberattacks targeting hardware and software vulnerabilities. Additionally, the APAC region may see an increase in attacks from China and North Korea, particularly those that are financially motivated.