Government organizations are attractive targets for threat actors whose motivations may be geopolitical, financial, or disruption, according to BlackBerry.
Because threat actors may include private individuals, small groups, or state-sponsored APT groups (which use APT tactics), government organizations must defend against a wide range of threats.
Governments and public services under cyberattacks
With limited resources and often immature cyber defense programs, these publicly funded organizations are struggling against the double-pronged threat of attacks from both nation-states and the criminal underground. BlackBerry reports a 40% increase in cyberattacks targeting government agencies and the public services sector.
“Governments and public services, such as public transit, electricity, water services, schools, and non-profit organizations, stand as unfortunate bullseyes for cybercriminals and other threat actors, whose attacks seek to wreak maximum havoc and who often times face very little resistance,” said Ismael Valenzuela, VP of Threat Research and Intelligence at BlackBerry.
“With limited resources and immature cyber defense programs, these organizations are struggling to defend against the double pronged threat of both nation states and cybercriminals. Now, more than ever, they need access to actionable cyber intelligence to direct and strengthen their security strategies, while safeguarding the vital services, institutions, and trust upon which our societies thrive,” added Valenzuela.
Mobile malware on the rise
Over the past 90 days, BlackBerry stopped over 1.5 million attacks. Threat actors deployed an average of 1.7 new malware samples per minute, a 13% increase from the previous reporting period’s average of 1.5 new samples per minute, highlighting attackers’ work to diversify their tooling to bypass defensive controls.
In healthcare, the convergence of valuable data and critical services presents a lucrative target for cybercriminals. BlackBerry stopped over 109,922 attacks across the healthcare sector over the past 90 days. As ransomware groups continue to target organizations in these industries with information-stealing malware, the report highlights the importance of securing patient data and safeguarding the delivery of essential medical services.
Financial services institutions are facing persistent threats through smartphone-centric commodity malware, ransomware attacks, and the rise of mobile banking malware targeting the growing trend of digital banking services. The report explores cybersecurity challenges for the financial sector as threat actors exploit an online-banking-first mindset.