BlackBerry’s most recent Global Threat Intelligence Report recently brought attention to the growing hazards posed by constantly evolving cyberthreats.
The January 16, 2025, document highlights the advanced cyberthreats that critical infrastructure is subject to worldwide.
BlackBerry’s strong cybersecurity systems effectively stopped 600,000 cyberattacks between July and September 2024, according to the report, which also highlights the difficulties and weaknesses in important industries.
The sector at highest risk: finance
According to the report’s findings, 45% of the attacks that were found specifically targeted the financial sector, which is a concerning trend.
The financial services sector is especially susceptible to cyberattacks because of its heavy reliance on digital connectivity, which is demonstrated by instruments like digital controllers and online banking.
“Critical infrastructure businesses, including medical care, energy, finance, and security, continue to be the primary targets of ransomware groups,” claims Blackberry.
The growing risks were described by Ismael Valenzuela, Vice President of Threat Research and Intelligence at BlackBerry: “Our attack surface has never been wider, with threat actors and nation-states broadening their horizons into cyber espionage attacks, while ransomware groups are becoming more sophisticated in their campaigns.”
His perspective, however, is optimistic about the industry’s capacity to combat these new threats: “We’ve also never been better prepared,” he says, implying that the industry is sufficiently equipped to handle and reduce cyber threats.
Teamwork and Developing threats
The partnership between BlackBerry and the National Cyber Crime Coordination Centre (NC3) of the Royal Canadian Mounted Police is one important point that the report highlights.
This collaboration helps law enforcement handle the complexity of these hazardous attacks and strengthens efforts to battle ransomware.
BlackBerry is spearheading the fight against cybercrime by exchanging knowledge about new ransomware groups, including those behind marketplaces like RansomHub and the Hive ransomware version Hunters International.
But with new threats, the cyber world is getting more complicated.
The paper also discusses the Coyote banking malware, which targets Brazilian financial institutions specifically, and the Lynx ransomware, which is a variant of INC ransomware and is renowned for its double-extortion tactics.
Furthermore, there is an increase in deepfake-enabled fraud; according to an FBI projection, AI-powered impersonation frauds would cause losses of US$40 billion by 2027.
To reduce these hazards, new regulations have been passed, including Canada’s non-consensual media laws and the US No AI Fraud Act.
Impact on the region and difficulties unique to a given sector
Geographically speaking, North America and Latin America are the most common regions for cyberattacks and novel malware cases, with APAC and EMEA coming in second and third, respectively.
The research also notes a concerning increase in attacks directed at the telecom industry, including notable events such as the AT&T hack in the middle of 2024 that exposed a huge number of call and text logs.
This regional analysis delineates the sociopolitical aspects of cybercrime in addition to highlighting its technical vulnerabilities.
In Southeast Asia, for example, trafficking accounted for almost 220,000 individuals in 2023, with cybercrime being a major contributing factor.
North Korean agents have also allegedly infiltrated Western IT companies using deepfake technology and fictitious identities.
During the same period, BlackBerry detected 430,000 threats that targeted commercial industries, including manufacturing, professional services, retail, and capital goods.
The use of cybercriminal tools like LummaC2 and Formbook to breach networks, steal confidential data, and interfere with operations is growing.
According to Ismael, “the sophistication of modern cyber-attacks means businesses face not only immediate operational impacts but also long-term reputational damage,” underscoring the crucial stakes.
Enhancing defensive strategies
BlackBerry is a major supporter of proactive defensive tactics that increase resilience.
Strict access controls for vital systems, network segmentation to contain malware, and comprehensive staff training to recognize and thwart social engineering techniques are some of the approaches it recommends.
BlackBerry’s CylanceMDR managed detection and response service, which is essential for detecting and reducing threats, is also commended.
“We have the tools, the internet, and protocols to protect ourselves and reduce the impact of crimes, and our industry is equipped to keep up with changes in the attacker’s approach,” Ismael says in his conclusion.
