BlackBerry today released its latest Global Threat Intelligence Report, revealing that BlackBerry® cybersecurity solutions detected and stopped 3.1 million cyberattacks (37,000 per day) in the first quarter of 2024. Between January and March 2024, BlackBerry detected 630,000 malicious hashes, representing a 40 percent increase from its previous reporting period. Sixty percent of attacks targeting industry were directed at critical infrastructure, including government, healthcare, financial, and communication industries, of which 40 percent targeted the financial sector.
“Each iteration of this report highlights startling new trends: novel malware is growing with no signs of stopping, and threat actors are highly motivated, be it for financial gain or to create chaos,” said Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry. “In a year where over 50 countries are holding elections, geopolitical tensions are at an all-time high, and every nation will soon be fixated on the Olympic Games, the threat landscape can feel overwhelming to navigate. This report provides a snapshot of where threat actors are looking, how they are operating, and what we can expect in the coming months so defenders can be one step ahead.”
Highlights from the latest BlackBerry Global Threat Intelligence Report include:
- The United States Severely Outnumbers the World in Cyberattacks: According to our internal telemetry, 82 percent of cyberattacks targeted the U.S. during this reporting period. Fifty-four percent of those attacks contained unique (new) malware, meaning attacks contained malware that was previously not observed.
- Attacks Based on Novel Malware Increased by 40 Percent Per Minute: BlackBerry observed a 40 percent per-minute increase in novel hashes (unique malware), compared to the previous reporting period. This represents an average of 7,500 unique malware samples per day targeting our customer base, or 5.2 per minute.
- Commercial Enterprise Threats Slowly but Surely Rise: 36 percent of all threats targeted commercial enterprises (including retail, manufacturing, automotive and professional services), a three percent increase from the last reporting period. Yet, this sector saw a 10 percent jump in instances of new malware. Commercial enterprise remains a target for threat actors as they grow more sophisticated, often using social engineering to obtain account credentials and distribute malware.
- CVEs (Common Vulnerabilities and Exposures) are Rapidly Weaponised in All Forms of Malware – Especially Ransomware and Infostealers: CVEs provide a framework for identifying, standardising and publicising known security vulnerabilities and exposures. 56 percent of the 8,900 CVEs reported during this reporting period were given a severity score of seven out of a possible 10. This represents a three percent increase from the previous reporting period.
- Despite Takedowns, Ransomware Groups Wreak Havoc: Globally, the top three ransomware groups active this period were LockBit, Hunters International, and 8Base.
These threats will continue to be underpinned by a politically charged year globally, with disinformation and deepfake campaigns continuing to be pervasive across social media. Russia’s invasion of Ukraine, the continuing conflict in the Middle East, and global elections will be the dominant variables in how threat actors adapt their targets and methodologies.
Based on its data analysis, the BlackBerry Threat Intelligence and Research team predicts that threat actors will continue to take extensive measures to carefully target their victims. A rise in new ransomware and infostealers indicates that private data will continue to be highly sought after by threat actors, where sectors like healthcare and financial services will be top targets for attack.
Download a copy of BlackBerry’s Global Threat Intelligence Report at BlackBerry.com.