BlackBerry's Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute
BlackBerry has released its inaugural Global Threat Intelligence Report, revealing that it prevented 1.75 million malware-based cyberattacks in the last 90 days, averaging more than 62 threats per hour. The report highlights the resurgence of the Emotet botnet and the prevalence of Qakbot phishing attacks. Key findings indicate that 34% of macOS client organizations were infected by the malicious app Dock2Master, and RedLine emerged as a dominant infostealer. BlackBerry aims to enhance cybersecurity by providing timely and actionable intelligence, addressing threats in sectors like automotive, healthcare, and finance.
- Prevented 1.75 million malware-based cyberattacks in the last 90 days.
- Shift to quarterly threat reports for timely data on evolving cyber threats.
- Insights provided on unique threats affecting less-discussed industries.
- Resurgence of sophisticated threats like the Emotet botnet poses ongoing risks.
- 34% of macOS clients infected, indicating vulnerability in that segment.
Report Identifies 1.75m Cyberattacks Were Stopped by BlackBerry in the Last 90 Days
WATERLOO, ON, Jan. 25, 2023 /PRNewswire/ -- BlackBerry Limited (NYSE: BB; TSX: BB) today released its Global Threat Intelligence Report, highlighting the volume and model of threats across a range of organizations and regions, including industry-specific attacks targeting the automotive and manufacturing, healthcare and financial sectors. After the success of and continued demand for its annual threat report, BlackBerry has switched to a quarterly cadence to match the speed at which adversaries evolve and to provide a more holistic view of the threat landscape, helping businesses to prepare and protect themselves accordingly.
BlackBerry's Threat Research and Intelligence team identified that in the 90 days between September 1 and November 30, 2022 (Q4), BlackBerry's AI-driven prevention-first technology stopped 1,757,248 malware-based cyberattacks. This includes 62 unique samples per hour, or one sample each minute. The most common cyber-weapons used in attacks include the resurgence of the Emotet botnet after a four-month dormancy period, the extensive presence of the Qakbot phishing threat, which hijacks existing email threads to convince victims of their legitimacy, and the increase in infostealer downloaders like GuLoader.
"Annual threat reports have been a fantastic way to provide insight into overall trends, but now more than ever, organizations need to make well-informed decisions and take prompt effective actions, using the latest actionable data," said Ismael Valenzuela, Vice President, Threat Research & Intelligence at BlackBerry. "Our public and private reports are written by our top threat researchers and intelligence analysts, world-class experts that not only understand the technical threats but also the global and local geopolitical situation, and how it affects organizational threat models in each region. This expertise allows us to provide actionable and contextualized threat intelligence to increase cyber resilience and to enable mission and business objectives."
Highlights from the report include:
- macOS is not immune. It is a common misconception that macOS is a "safe" platform due to it being used less among enterprise systems. However, this could be lulling IT managers into a false sense of security. BlackBerry explores the pernicious threats targeting macOS, including malicious code that is sometimes even explicitly downloaded by users. In Q4, the most-seen malicious application on macOS was Dock2Master, which collects users' data from its own surreptitious ads. BlackBerry researchers noted that 34 percent of client organizations using macOS had Dock2Master on their network.
- RedLine was the most active and widespread infostealer in this last quarter. Post-pandemic work models have required businesses to support remote and hybrid employees, putting corporate credentials at greater risk of attack from malicious actors than ever before. RedLine is capable of stealing credentials from numerous targets including browsers, crypto wallets, and FTP and VPN software, among others, and selling them on the black market. Cybercriminals and nation-state threat actors rely on initial access brokers trading stolen credentials. RedLine is one of them, providing initial access to other threat actors.
- BlackBerry is uniquely positioned to uncover threats that affect industries that aren't often discussed in other threat reports. With a strong presence in both the cyber and IoT markets, BlackBerry provides insights into the current threat landscape and trends for the future that affect the automotive and manufacturing industries, along with financial and healthcare. The report includes analysis of GuLoader and the BlackCat ransomware group that targets small-to-medium sized enterprises, largely in the manufacturing sector, and threatens to leak victims' compromised data to further extort its ransom.
To learn more, download a copy of the Global Threat Intelligence Report: Delivering Actionable and Contextualized Intelligence to Increase Cyber Resilience now, and tune into BlackBerry's LinkedIn Live Session on January 26th to discover more.
About BlackBerry
BlackBerry (NYSE: BB; TSX: BB) provides intelligent security software and services to enterprises and governments around the world. The company secures more than 500M endpoints including over 215M vehicles. Based in Waterloo, Ontario, the company leverages AI and machine learning to deliver innovative solutions in the areas of cybersecurity, safety, and data privacy solutions, and is a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems. BlackBerry's vision is clear - to secure a connected future you can trust.
BlackBerry. Intelligent Security. Everywhere.
For more information, visit BlackBerry.com and follow @BlackBerry.
Trademarks, including but not limited to BLACKBERRY and EMBLEM Design are the trademarks or registered trademarks of BlackBerry Limited, and the exclusive rights to such trademarks are expressly reserved. All other trademarks are the property of their respective owners. BlackBerry is not responsible for any third-party products or services.
Media Contacts:
BlackBerry Media Relations
+1 (519) 597-7273
mediarelations@BlackBerry.com
View original content to download multimedia: https://www.prnewswire.com/news-releases/blackberrys-inaugural-quarterly-threat-intelligence-report-reveals-threat-actors-launch-one-malicious-threat-every-minute-301730111.html
SOURCE BlackBerry Limited