A new threat intelligence report released today by BlackBerry Ltd. has found a substantial increase in cyberattacks and an increasing diversification of attacks and types of tools deployed to bypass defensive controls.

The report was based on 3.3 million cyberattacks BlackBerry intercepted in the three months from June through to August, up 70% from the previous three months. The volume of attacks worked out to 26 per minute, with the BlackBerry Threat Research and Intelligence team also recording 2.9 unique malware samples per minute.

Due to its role in the global economy and the data it holds, the financial sector saw the most significant uptick in cyberattacks, topping healthcare, government and critical infrastructure in the list of industries most targeted by cyberthreats. The healthcare industry is noted as facing unique challenges due to its dependence on confidential patient data and its need to maintain uninterrupted service delivery, making the industry an attractive target and resulting in a sharp increase in malware attacks on the sector.

Not surprisingly, ransomware continued to be popular. The report highlighted that attackers are increasingly resorting to double-tap or multilayered extortion schemes that involve data not only being encrypted but also stolen, with ransomware gangs threatening to release or sell the data if a ransom is not paid. Some groups were observed launching additional attacks such as distributed denial-of-service to put more pressure on victims to pay up.

With the Russian invasion of Ukraine ongoing, the report also delves into the geopolitical aspects of targeted attacks on critical infrastructure and financial sectors, including on Ukrainian utilities and government agencies, as well as cryptocurrency services. Advanced persistent threat groups, including the Sofacy Group and the infamous North Korean-affiliated Lazarus Group, have been particularly active, adapting their tactics and techniques to pose formidable challenges to cybersecurity defenses.

In response to these rising threats, the report details how governments and international alliances are intensifying their efforts to combat them. In one example, the U.S. Department of Defense released an unclassified summary of its 2023 DOD Cyber Strategy in September, which detailed how the DOD is taking a prevention-first approach to cyber threats and the importance of public-private partnerships in enhancing national cybersecurity capabilities.

The report concludes with a number of forecasts on the future of cybersecurity threats. BlackBerry predicts increased targeted attacks due to escalating global conflicts, such as the 2023 Israel-Hamas war, which will drive more destructive cyberattacks against public entities, educational institutions, governments and utility services. The attacks could range from data destruction and exfiltration to impersonation and espionage.

The report warns of the increasing misuse of social networks and messaging apps for spreading propaganda and bypassing traditional DNS monitoring to facilitate command and control connections and data exfiltration, increased activities from ransomware groups and the potential risk associated with generative artificial intelligence.

Image: DALL-E 3