Cyber Attacks on Industry at One-a-Minute, BlackBerry

BlackBerry research suggests industry is being attacked by cyber criminals at a rate of one-a-minute revealing the real threat facing connected businesses.
Its Global Threat Intelligence Report, highlights the volume and model of threats across a range of organizations and regions, including industry-specific attacks targeting the automotive and manufacturing, healthcare and financial sectors. This report is now scheduled to be published quarterly from its previous annual edition in a bid to match the speed cyber attackers evolve.
BlackBerry says its Threat Research and Intelligence team identified that in the 90 days between September 1 and November 30, 2022, the company’s AI-driven prevention technology stopped 1,757,248 malware-based cyber-attacks. This includes 62 unique samples per hour, or one sample each minute. The most common cyber-weapons used in attacks include the resurgence of the Emotet botnet after a four-month dormancy period, the extensive presence of the Qakbot phishing threat, which hijacks existing email threads to convince victims of their legitimacy, and the increase in infostealer downloaders like GuLoader.
Highlights from the report include:
- MacOS is not immune. In Q4, the most-seen malicious application on macOS was Dock2Master which collects users’ data from its own surreptitious ads. BlackBerry researchers noted that 34% of client organizations using macOS had Dock2Master on their network.
- RedLine was the most active and widespread infostealer in this last quarter. It is capable of stealing credentials from numerous targets including browsers, crypto wallets, and FTP and VPN software, among others, and selling them on the black market. Cyber criminals and nation state threat actors rely on initial access brokers trading stolen credentials. RedLine is one of them providing initial access to another threat actors.
- The report includes analysis of GuLoader and the BlackCat ransomware group that targets small-to-medium sized enterprises, largely in the manufacturing sector, and threatens victims to leak compromised data to further extort their ransom.
Ismael Valenzuela, vice-president, Threat Research at Intelligence at BlackBerry, said: “Annual threat reports have been a fantastic way to provide insight into overall trends but now more than ever, organizations need to make well-informed decisions and take prompt effective actions, using the latest actionable data.”
— Paul Myles is a seasoned automotive journalist based in Europe. Follow him on Twitter @Paulmyles_