What Does BlackBerry's Data Say About Cyberattacks in 2024?
The cyberthreat landscape is evolving at an alarming pace, with BlackBerry's latest Global Threat Intelligence Report shedding light on the dangers facing critical infrastructure worldwide.
Released on January 16, 2025, the report reveals that BlackBerry's cybersecurity systems thwarted 600,000 attacks against critical infrastructure between July and September 2024, with the financial sector bearing the brunt of this surge in malicious activity.
“Critical infrastructure organizations, including healthcare, energy, finance and defence, continue to be popular targets of ransomware groups,” the report states.
With 45% of detected attacks targeting the financial sector, the findings highlight the vulnerabilities in a sector increasingly reliant on connectivity, such as online banking and digital controllers.
“Our attack surface has never been wider, with threat actors and nation states broadening their horizons into cyber espionage attacks, while ransomware groups are becoming more sophisticated in their campaigns,” says Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry.
However, he remains optimistic about the industry's capacity to counter these threats. “We've also never been better prepared,” he says.
Collaboration with law enforcement
The report spotlights BlackBerry's collaboration with the Royal Canadian Mounted Police’s National Cyber Crime Coordination Centre (NC3), a partnership aimed at combating ransomware and supporting law enforcement in addressing the challenges of cyberattacks.
This partnership is a pivotal part of BlackBerry’s broader strategy to share intelligence on emerging ransomware groups, including platforms like RansomHub and the Hive ransomware variant, Hunters International.
Emerging threats
Further analysis identifies Lynx ransomware, a successor to INC ransomware, as a significant threat employing double-extortion techniques.
Another concern is the Coyote banking trojan, which specifically targets Brazilian financial institutions.
The report also mentions the rise of deepfake-enabled fraud, with the FBI projecting US$40bn in losses from AI-powered impersonation scams by 2027.
New legislation such as the US No AI Fraud Act and Canada’s non-consensual media laws seek to address these escalating risks.
We've never been better prepared.
A regional view of cybercrime
Globally, North America and Latin America emerged as the most targeted regions, registering the highest number of attacks and unique malware instances. The Asia-Pacific (APAC) and Europe, Middle East, and Africa (EMEA) regions followed closely.
BlackBerry reported a surge in telecommunications attacks, underscored by the breach of AT&T in mid-2024, which compromised call and text records.
These incidents expose vulnerabilities in communication networks and highlight the need for robust identity protection measures.
Such regional trends reflect broader geopolitical implications. BlackBerry’s analysts identified the alarming involvement of cybercrime in human trafficking, with over 220,000 people trafficked in Southeast Asia alone as of 2023.
Additionally, North Korean operatives were found using deepfake technology and false identities to infiltrate Western IT companies.
Commercial industries under fire
Commercial enterprises, too, are in the crosshairs. During the same period, BlackBerry detected 430,000 attacks targeting industries such as capital goods, retail, professional services and manufacturing.
Info stealers like LummaC2 and FormBook are increasingly employed to breach networks and exfiltrate sensitive information, leading to operational disruptions and financial losses.
The financial implications for businesses can be severe. "The sophistication of modern cyberattacks means businesses face not only immediate operational impacts but also long-term reputational damage," explains Ismael.
"The stakes are higher than ever."
How to improve resilience
In response to these mounting threats, the report underscores the importance of proactive defensive measures.
BlackBerry advocates for network segmentation to contain malware, strict access controls for critical systems and comprehensive employee training to recognise social engineering tactics.
The stakes are higher than ever.
The report also highlights the utility of its managed detection and response service, CylanceMDR™, which identified threats such as remote management tools and living-off-the-land exploits.
As threats grow increasingly complex, Ismael remains adamant about the need for continuous vigilance.
"We have the tools, technology, and protocols to protect ourselves and mitigate the impact of attacks, and our industry is equipped to keep up with changes in threat actor methodology," he says.
Explore the latest edition of Manufacturing Digital and be part of the conversation at our global conference series, Manufacturing LIVE.
Discover all our upcoming events and secure your tickets today.
Manufacturing Digital is a BizClik brand.
