BlackBerry cybersecurity researchers observed approximately 11,500 unique malware samples targeting their customers daily from April to June this year, a 53% increase from the previous quarter — marking one of the largest spikes ever recorded by the firm.
Malware samples are similarly assembled but distinct versions of malicious code launched by hackers. Each variation includes changes in code structure or delivery method, created to help cybercriminals evade detection on networks.
The malware-sample data was recorded globally. The U.S. saw the highest number of attacks on organizations using BlackBerry cyber solutions, followed by South Korea, Japan, Australia and New Zealand, making the Asia-Pacific the second most targeted region.
“Raw figures suggest new malware is adapting, existing malware families are gaining capabilities, and adversaries are rapidly employing more advanced tactics, leading to more potent malware through enhanced obfuscation, sophistication and evasion techniques,” the report issued Thursday said.
Once known for its iconic smartphones and pagers that dominated the business landscape until the arrival of the iPhone, BlackBerry shifted focus to cybersecurity services in the mid-2010s after several key acquisitions.
Nearly half of the unique malware hashes targeted critical infrastructure organizations during this period, up 17% from the prior quarter. The global government sector faced the most attacks from unique malware variants, followed by the financial sector and healthcare facilities.
Quarter-to-quarter trends indicate that critical sectors which often contain troves of sensitive data remain the targets of the highest volumes of cyberattacks, as frequently observed in cyber threat intelligence research conducted by other firms. When data from those environments is successfully pilfered, it is often sold to buyers on dark web forums for use in fraud schemes and exploitation.
The increase in unique malware can be attributed to various factors, including the rise of macro-level targeted attacks. In these attacks, entire employee email lists are hit with phishing schemes tailored to the company, aiming to trick multiple employees, according to the BlackBerry findings. The newly issued report revealed that approximately eight unique malware hashes were detected every minute, compared to 5.2 per minute in the prior period and 3.7 per minute two quarters prior.
While not explicitly cited as a source of the uptick, experts frequently mention generative AI systems as an augmentative tool for hackers. These systems allow cybercriminals to generate new, unique malware samples at a much faster rate. Additionally, certain tools can enable attackers to create polymorphic malware that changes its code with each infection.
As early as February, AI and cybersecurity analysts detected hackers using generative AI tools to fix scripting errors and develop code for breaking into systems.