BlackBerry: The Cyber Challenges to Come For Infrastructures

Constantly adapting cyberthreats are posing increasing risks worldwide, a concern freshly highlighted in BlackBerry's latest Global Threat Intelligence Report.

The document, released on January 16, 2025, casts a spotlight on the sophisticated cyberthreats that critical infrastructure faces globally.

It found that between July and September 2024, BlackBerry’s robust cybersecurity systems successfully intercepted 600,000 cyberattacks, but also shines a light on the challenges and vulnerabilities within key sectors.

The sector at greatest risk: finance

The findings of the report disclose a worrying trend, with 45% of the detected attacks specifically targeting the financial sector.

This sector's high dependency on digital connectivity, exemplified by tools like online banking and digital controllers, makes it particularly vulnerable to cyberthreats.

"Critical infrastructure organisations, including healthcare, energy, finance and defence, continue to be popular targets of ransomware groups," Blackberry says.

Ismael Valenzuela, the Vice President of Threat Research & Intelligence at BlackBerry, outlined the expanding risks: "Our attack surface has never been wider, with threat actors and nation states broadening their horizons into cyber espionage attacks, while ransomware groups are becoming more sophisticated in their campaigns."

Yet his outlook remains hopeful concerning the industry's potential to counteract these emergent threats: "We've also never been better prepared," he asserts, suggesting a robust readiness within the sector to manage and mitigate cyber risks."

Collaboration and emerging threats

One crucial aspect highlighted in the report is BlackBerry’s collaboration with the Royal Canadian Mounted Police’s National Cyber Crime Coordination Centre (NC3).

This partnership reinforces efforts to combat ransomware and supports law enforcement in managing the complexities of these dangerous attacks.

By sharing intelligence about emerging ransomware groups, such as those behind platforms like RansomHub and the Hive ransomware variant Hunters International, BlackBerry is at the forefront of the fight against cybercrime.

However, the cyber environment continues to grow in complexity with emerging threats.

The report also sheds light on Lynx ransomware, a successor to INC ransomware, known for its double-extortion techniques, and the Coyote banking trojan, which specifically targets Brazilian financial institutions.

Additionally, a rise in deepfake-enabled fraud is noted, with an FBI forecast estimating US$40bn in losses by 2027 due to AI-powered impersonation scams.

In response, new legislation, including the US No AI Fraud Act and Canada’s non-consensual media laws, aims to mitigate these risks.

Regional impact and sector-specific challenges

In a broader geographic perspective, North America and Latin America lead in terms of cyberattack frequency and unique malware instances, followed closely by the APAC and EMEA regions.

The report also highlights an alarming surge in attacks targeting the telecommunications sector, with significant incidents like the mid-2024 breach of AT&T, which compromised vast amounts of call and text records.

This regional analysis not only underscores the technical vulnerabilities but also maps out the geopolitical dimensions of cybercrime.

For instance, over 220,000 people were trafficked in Southeast Asia as of 2023, with cybercrime playing a significant role.

Additionally, North Korean operatives have reportedly used deepfake technology and false identities to infiltrate Western IT companies.

Commercial industries are not spared, with BlackBerry detecting 430,000 attacks targeting sectors like capital goods, retail, professional services and manufacturing during the same period.

Cybercriminal tools such as LummaC2 and FormBook are increasingly deployed to infiltrate networks, steal sensitive information, and disrupt operations.

"The sophistication of modern cyberattacks means businesses face not only immediate operational impacts but also long-term reputational damage," Ismael explains, highlighting the critical stakes involved.

Enhancing defensive strategies

BlackBerry strongly advocates for enhanced resilience through proactive defensive measures.

It suggests strategies like network segmentation to contain malware, implementing strict access controls for critical systems and thorough employee training to identify and counteract social engineering tactics.

Also praised is BlackBerry’s managed detection and response service, CylanceMDR, which plays a pivotal role in identifying and mitigating threats.

"We have the tools, technology, and protocols to protect ourselves and mitigate the impact of attacks, and our industry is equipped to keep up with changes in threat actor methodology," Ismael concludes.

Explore the latest edition of Cyber Magazine  and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 

Cyber Magazine is a BizClik brand