Unmasking the Malware Menace: A Sudden Surge Strikes the Public Sector

Government and Public Service Organizations Facing Increasing Cyberattacks

Overview of the Cybersecurity Landscape

Government and public service organizations around the world have experienced a significant increase in cyberattacks during the second quarter of 2023, compared to the previous quarter. This surge in cyber threats primarily targeting public transit, utilities, schools, and other essential government services is outlined in the latest “BlackBerry Global Threat Intelligence Report.” The report provides valuable insights into the challenges faced by publicly funded organizations in combating cyber threats.

The Threat Landscape

The report reveals that these organizations face a double-pronged threat from nation-state actors and the criminal underground. With limited resources and often immature cyber-defense programs, they are ill-equipped to safeguard their critical infrastructure and sensitive data. According to BlackBerry’s findings, threat actors deployed approximately 11.5 attacks per minute during the reporting period, demonstrating the relentless and evolving nature of cyber threats.

One concerning aspect highlighted by the report is the increase in diversification of attack tools. Attackers are constantly adapting and employing novel malware samples, with an average increase of 13% compared to the previous reporting period. This indicates a concerted effort by threat actors to bypass defensive controls and exploit vulnerabilities.

Most Targeted Industries

The healthcare and financial services industries remain among the most frequently targeted sectors. Cybercriminals perceive the healthcare sector as a lucrative target due to the valuable data it holds and the critical nature of the services it provides. The report reveals that threat actors primarily target the healthcare industry using ransomware and information stealers. Attacks on financial institutions persist due to their economic significance and the concentration of sensitive data. The rise in malware targeting digital and mobile banking services poses particular challenges for financial institutions.

Risks of Remote Access

The increased adoption of remote access technologies by public service organizations has inadvertently elevated their cyber risks. BlackBerry’s report emphasizes the persistent threats faced by financial institutions, considering the economic significance and concentration of sensitive data within their systems. The availability of commodity malware for ransomware attacks and the rise in malware targeting digital and mobile banking services further exacerbate the challenges faced by financial institutions. Researchers have uncovered mobile threats that include data exfiltration, financial app spoofing, and SMS text interceptors.

Country-Specific Cyberattacks

The second quarter of 2023 witnessed heightened activity from APT28, a state-sponsored threat actor linked to Russia, and the Lazarus Group, a threat actor associated with North Korea. These actors primarily target the United States, Europe, and South Korea, focusing on government agencies, military organizations, businesses, and financial institutions. APT28 and the Lazarus Group continuously adapt their techniques to evade detection and increase the difficulty of defending against their attacks.

The Path Forward: Enhancing Cybersecurity

Actionable Threat Intelligence

The BlackBerry Global Threat Intelligence Report serves as an invaluable resource for organizations seeking to enhance their cybersecurity measures. The report provides a summary of the top 20 techniques used by threat groups during the reporting period, compared to the previous quarter. This information empowers organizations to prioritize their defense strategies, enabling them to stay one step ahead of threat actors. Additionally, the report includes a comprehensive list of countermeasures developed by utilizing the MITRE D3FEND framework, ensuring organizations have a range of effective defenses at their disposal.

Utilizing the Power of AI

BlackBerry’s Threat Research and Intelligence team utilizes cutting-edge AI-driven technology provided through the BlackBerry Cylance® AI engine. During the study period, the team encountered and stopped an impressive 1.5 million attacks. By leveraging the power of artificial intelligence, organizations can bolster their defenses and proactively detect and mitigate cyber threats.

Editorial: Investing in Cybersecurity

As the frequency and complexity of cyberattacks on government and public service organizations continue to rise, it is crucial for these entities to prioritize and invest in cybersecurity. The stakes are high, considering the potential disruption to critical services, compromise of sensitive data, and impact on public trust and confidence. Governments must allocate resources to develop robust cyber-defense programs, including regular training for employees, implementation of sophisticated detection and prevention systems, and collaboration with industry experts and researchers.

Moreover, proactive international collaboration is essential to address the cross-border nature of cyber threats. Governments and organizations must share threat intelligence, best practices, and collaborate on the development of cybersecurity standards to protect critical infrastructure and strengthen global cybersecurity resilience.

Conclusion

The increasing cyber threats faced by government and public service organizations demand urgent action and investment in cybersecurity. These organizations, often operating with limited resources, struggle to defend against attacks from nation-state actors and the criminal underground. The BlackBerry Global Threat Intelligence Report provides valuable insights into the evolving threat landscape, offering actionable intelligence and countermeasures to fortify against cyber threats. It is imperative for governments, organizations, and individuals to recognize the gravity of the situation and prioritize cybersecurity to protect critical infrastructure, information, and public services.