BlackBerry Reports 53 Percent Increase in Unique Malware Used in Cyberattacks
The high increase in novel hashes shows malware developers are rapidly updating and adapting their code to be more resilient.
WATERLOO, ONTARIO – September 24, 2024 – BlackBerry Limited (NYSE: BB; TSX: BB) today released its latest Global Threat Intelligence Report, revealing that BlackBerry® cybersecurity solutions detected and stopped an average of 11,500 unique malware samples daily, up 53 percent from the previous reporting period. This is one of the highest quarter-over-quarter increases since shifting from yearly threat reports.
The company stopped a total of 3.7 million cyberattacks (43,500 per day) from April to June 2024, an 18 percent increase in the total number of attacks from the last reporting period. Critical Infrastructure remained a top target this quarter, with over 800,000 attacks, 50 percent of which focused on the financial sector. Attacks targeting this sector increased 25 percent overall compared to the last reporting period.
“As new threat groups emerge and legacy threat groups survive takedown attempts, they focus on developing new malware. This signals that these groups are allocating their resources to prioritize the impact of their attacks rather than sheer volume,” said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry. “Additionally, minor altering of a piece of malware might not seem very sophisticated but contributes to an overwhelming increase in the success and severity of attacks.”
Key takeaways from the latest BlackBerry® Global Threat Intelligence Report include:
- Geopolitical tensions feed cyberattacks: Cyberwarfare is an important aspect of ongoing conflicts between Russia and Ukraine, Israel and Hamas, and tensions in the South China Seas, among several others. In addition, as many countries hold national elections, disinformation and other forms of cyber disruption are on the radar of electoral authorities.
- Critical infrastructure is a continuous threat: Geopolitical hostilities have also fed the continued rise in attacks against critical infrastructure globally. Critical infrastructure attacks saw the most significant use of unique malware this quarter compared to other industries, but a lower volume in total. BlackBerry telemetry indicates that threat actors prioritize unique malware in attacks against critical infrastructure due to its higher likelihood of success.
- Commercial enterprise attacks increased by 58 percent: As the number of enterprise devices grow, from point-of-sale terminals to mobile phones, scanners and printers, there are many more opportunities for cyber attackers to break into enterprise networks. Commercial enterprises include manufacturing, capital goods, commercial and professional services, and retail. Capital goods, which provide for manufacturing equipment and office machinery, comprised 66 percent of all “attacks stopped” in this category.
- Deepfake technology improving: Deepfakes – digitally manipulated images, video, or audio – are being used to convince recipients that an email, phone call, or even a real-time video call is from a person or organization they know and trust when, in fact, it’s an attacker pretending to be that person or entity. Deepfakes are becoming increasingly convincing, as highlighted in BlackBerry’s recent Deepfakes white paper. This is also contributing to a rise in attacks that rely on social engineering tactics to succeed.
- The weaponization of chaos: In cybersecurity, any type of disruption to daily life provides fertile ground for malicious actors to exploit confusion and misinformation. During wars, natural disasters, IT outages, or any significant disruption to the normal flow of communication and data (as was seen in this reporting period amid U.S. election shakeups and the CrowdStrike outage), moments of instability provide plenty of opportunities for cybercriminals. Threat actors are continually ready to take advantage of chaos using phishing emails, misleading social media posts, and malicious software.
- New cybercriminals are entering the space and quickly becoming large-scale threats: While legacy groups like LockBit remain a top threat, smaller emerging ransomware groups like BlackSuit and Space Bears are a cause for concern.
Based on its data analysis, the BlackBerry Threat Intelligence and Research team predicts that threat actors will continue to take extensive measures to target their victims carefully and with more sophisticated methodology. A rise in new malware and infostealers indicates that private data will continue to be highly sought after by threat actors, where sectors like healthcare and financial services will be top targets for attack.
Also new in this edition, BlackBerry has partnered with the Royal Canadian Mounted Police’s National Cybercrime Coordination Centre (NC3) to highlight key insights from law enforcement on cybercrime trends. BlackBerry is proud to collaborate with law enforcement agencies around the world to improve public-private cooperation on cybersecurity.
Download a copy of BlackBerry’s Global Threat Intelligence Report at BlackBerry.com, and register to attend the Global Threat Intelligence Report Deep Dive webinar on Thursday, September 26th at 11:00 am EDT to discover more.
About BlackBerry
BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments worldwide. The company’s software powers over 235M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety, and data privacy solutions and is a leader in the areas of endpoint management, endpoint security, encryption, and embedded systems. BlackBerry’s vision is clear - to secure a connected future you can trust.
For more information, visit BlackBerry.com and follow @BlackBerry.
Trademarks, including but not limited to BLACKBERRY and EMBLEM Design, are the trademarks or registered trademarks of BlackBerry Limited, and the exclusive rights to such trademarks are expressly reserved. All other trademarks are the property of their respective owners. BlackBerry is not responsible for any third-party products or services.
# # #
Media Contacts:
BlackBerry Media Relations
+1 (519) 597-7273
mediarelations@BlackBerry.com