Novel malware attacks were up 70% during summer 2023
Over the summer, double extortion became the standard operating procedure for ransomware gangs, BlackBerry reports.
New malware attacks were up 70% during the summer, according to a Global Threat Intelligence report from BlackBerry Ltd., which noted growth in novel malware attacks shows that hackers are diversifying their tactics and tools to bypass security measures, “especially those used in legacy, signature-based solutions.”
The company claimed its AI-powered cybersecurity tools stopped approximately 26 cyberattacks and 2.9 unique malware samples per minute from June-August 2023. For comparison, the period stretching March-May 2023 saw an average of 1.7 unique malware samples per minute, while December 2022-February 2023 saw an average of 1.5 malware samples per minute.
During the period, finance, health care, government and critical infrastructure were the most targeted industries.
Many of the attacks against the finance industry, which includes banks, insurance companies and cryptocurrency exchanges, leveraged previously deployed malware. BlackBerry noted this is a common tactic in widespread cybercrime campaigns.
“In the financial services industry, the process of approving software updates and applying patches often follows a lengthy hierarchical chain, which can be time consuming for IT staff,” the report authors noted. “This extended approval process exposes the systems and data to the unpatched vulnerabilities for longer periods of time, giving bad actors a window of opportunity to take advantage of these flaws.”
The health care sector saw the highest number of unique attacks over the summer months, indicating that malicious actors were homing in on specific targets within the sector.
“Malicious actors are working harder than ever to expand their range and volume of cyberattacks,” Ismael Valenzuela, vice president of threat research and intelligence at BlackBerry, said in a release. “The intensifying number of novel attacks targeting nations and industries demonstrates the impact of the macroeconomic climate on cybersecurity. However, while threats are increasing in number and diversity, so is our ability to defend against them with advanced technologies that predict and prevent attacks.”
Double, triple, quadruple extortion
As previously reported, ransomware activity has been spiking. BlackBerry found that double-extortion techniques are now the standard operating procedure for many of the largest ransomware gangs, including LockBit and CL0P.
The groups are deploying the tactic more frequently as a form of insurance against strong data backup strategies. BlackBerry noted that CL0P often employs a double-extortion strategy: First, the group requires payment to unencrypt a victim’s data and then it threatens to release the stolen data to other cybercriminals if further payments aren’t made.
According to BlackBerry, triple and even quadruple extortions are becoming more common as well. For example, hackers will threaten to deploy distributed denial of service attacks against a victim if further payments aren’t made.
Related: