1.26.23 – SSI Staff
Threat actors are evolving to target a wide variety of systems and infrastructure, leading to a massive increase in cyberattacks.
Security integrators are quickly realizing they cannot ignore cybersecurity services for their commercial and residential clients, and a new report from BlackBerry confirms how prevalent cyberattacks are becoming. With the resurgence of the Emotet botnet, phishing attacks and infostealers dominating the attack landscape, the report notes that threat actors have been launching an attack about once every minute.
Using data gathered from the company’s own intelligent security software, the provider’s first Global Intelligence Report found that more than 1.75 million malware-based attacks had been stopped by its technology. During these attacks, the most common tools the company noticed were the Emotet botnet, the Qakbot phishing threat and an increase in infostealers such as GuLoader.
MacOS Systems Found to Be No Safer than Others
Other highlights from the report include threats targeting macOS systems. BlackBerry disputes the prevailing opinion that macOS is a safer platform because it is used less among enterprise systems. That opinion could be giving IT managers a false sense of security, the company says.
According to BlackBerry, the most malicious application on macOS was Dock2Master, which collects users’ data from its own surreptitious ads. More than a third of BlackBerry’s client organizations using macOS had Dock2Master on their network, the report finds.
In addition, BlackBerry’s report explores the increasing number of cyberattacks against Linux platforms and how less mainstream programming languages such as GoLang are being used to develop cross-platform malware.
The report also found that RedLine, an infostealer capable of stealing credentials from browsers, crypto wallets, FTP and VPN software, and other targets, was the most active and widespread infostealer last quarter. RedLine preys upon technology used to support remote and hybrid employees, and threat actors are using RedLine to steal credentials to sell to other threat actors for initial access.
BlackBerry’s 2023 Cybersecurity Outlook
For 2023, the company expects these trends to continue, but also says ransomware and other cyberattacks will continue to target medical organizations and critical infrastructure. In addition, attacks against Linux systems and cloud infrastructure will increase as threat actors look to install backdoors on target systems and gain visibility into organizations for further activities.
Ismael Valenzuela, vice president of threat research and intelligence at BlackBerry, says threat reports can help provide insight into overall trends and help organizations make informed decisions about their security.
“Our public and private reports are written by our top threat researchers and intelligence analysts, world-class experts that not only understand the technical threats but also the global and local geopolitical situation, and how it affects organizational threat models in each region,” Valenzuela says. “This expertise allows us to provide actionable and contextualized threat intelligence to increase cyber resilience and to enable mission and business objectives.”
Another version of this article originally appeared on our sister site My TechDecisions.