Between January and March of this year, there was a 40% increase in new malware over the previous reporting period, with critical infrastructure the biggest target, according to BlackBerry's Global Threat Intelligence Report. Credit: NicoElNino / Shutterstock Security teams are in for an increasingly busy year as the number of attacks and the amount of new malware increase, according to BlackBerry’s latest Global Threat Intelligence Report, released Tuesday. Almost two-thirds (60%) of the attacks detected by BlackBerry cybersecurity solutions were directed at the 16 critical infrastructure sectors defined by the US Cybersecurity and Infrastructure Security Agency (CISA), which include healthcare, government, energy, agriculture, finance, and defense. “The increasing digitization of these sectors means their assets are more vulnerable to cybercriminals,” the report noted. “Threat actors actively exploit critical systems via vulnerabilities such as system misconfigurations and social engineering campaigns against employees.” Commercial enterprises aren’t being spared; just over one-third (36%) of attacks targeted them, often using social engineering to gather account credentials and plant malware. Although the number of threats directed at these enterprises only rose by three percent, the sector saw a 10% jump in new malware over the previous reporting period. And deepfakes, the report said, are increasingly being used in targeted attacks such as those where a deepfake recording of a CEO’s voice instructs a finance manager to transfer funds to a bad actor. Unsurprisingly, BlackBerry customers in the US accounted for the most attempted attacks, with 82% of prevented cyberattacks, 54% of which were new malware. Rounding out the top five targets were Japan, South Korea, Australia, and Honduras. BlackBerry saw the greatest amount of new malware in the US, followed by South Korea, Japan, Australia, and Brazil. The report also found that 56% of the reported vulnerabilities enumerated by CVEs (Common Vulnerabilities and Exposures) that were being leveraged had a severity score of 7.0 or higher out of 10, a three percent increase over the previous reporting period. And ransomware was alive and well, despite recent high-profile takedowns. Globally, the top three active groups were LockBit, Hunters International, and 8Base, with LockBit focusing on the Americas, while Hunters International hit all regions and 8Base all but Latin America. It’s a critical time for those fighting cybersecurity threats: the volume of novel malware is growing, and in a year where over 50 countries are holding elections, geopolitical tensions are at an all-time high, the company noted. Related content feature Ransomware recovery: 8 steps to successfully restore from backup The best way to recover from a ransomware attack is to have a reliable and fast backup process. Here's how to do it. By Maria Korolov 02 Sep 2024 17 mins Ransomware Malware Backup and Recovery feature 15 infamous malware attacks: The first and the worst Whether by dumb luck or ruthless skill, these malware attacks left their mark on the internet. By Josh Fruhlinger and John Leyden 30 Aug 2024 16 mins Ransomware Cyberattacks Malware news Iranian threat actors targeting businesses and governments, CISA, Microsoft warn Pioneer Kitten and Peach Sandstorm both believed to be state sponsored. By Howard Solomon 29 Aug 2024 7 mins Ransomware Cyberattacks Malware news Tool used by ransomware groups now seen killing EDR: Report The Poortry/BurntCigar toolkit has added more ways for it to evade detection, evolved into something akin to a rootkit. By Howard Solomon 28 Aug 2024 4 mins Ransomware Malware PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe