How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of several interesting cyber attack statistics.
Analyzing Real-World Cyberattacks
In their most recent quarterly report, BlackBerry threat researchers analyzed the onslaught of malware-based attacks from December 2022 to February 2023. During that time, BlackBerry’s AI-powered endpoint protection solution, detected and blocked a total of 1,578,733 malware-based cyberattacks targeting customers.
90 Days of Cyberattacks
Based on analysis of cyberattacks detected and blocked during the 90-day window, the BlackBerry Threat Research and Intelligence Team recorded the following statistics:
- Total number of malware-based attacks: 1,578,733
- Number of unique attacks (using previously undetected malware): 200,454
- Average number of cyberattacks per day: 17,280
- Average number of cyberattacks per hour: 720
- Average number of attacks per minute: 12
- Average number of new malware variants per minute: 1.5
The latest report also analyzes changes in the velocity of cyberattacks detected during this period. The graph below shows a significant peak occurred in early December 2022, followed by a noticeable drop in the last week of the year, as many threat actors and their targets appeared to take a holiday break. Attacks ramped up again as cybercriminals got back to work in the new year.
The number of new malware variants detected was fairly consistent during the study period. Legacy signature-based antivirus products offer limited value against this steady onslaught of previously unseen attacks, leading many organizations to switch over to AI-based EPP (endpoint protection platform) solutions that have proven to be significantly more effective when evaluated by independent testing.
Most-Targeted Industries
The BlackBerry Threat Research and Intelligence Team also identified the most-attacked industries among those customers protected by BlackBerry products. The following data is based on the number of times BlackBerry’s zero trust access solution, CylanceEDGE™, stopped cyberattacks targeting organizations in various sectors.
The most-targeted industries during the study period included:
- Financial institutions
- Healthcare services and equipment, including hospitals, clinics, and medical devices
- Food and staples retailers, including supermarkets, drugstores, and companies that sell food products to other businesses
The report found these vertical industries accounted for 60% of the overall number of attacks. BlackBerry threat researchers also analyzed the types of malware deployed against these verticals.
The report reveals CylanceEDGE blocked 231,510 malware attacks against the financial services industry, with an average of 2,601 malware-based attacks attempted per day. Previously undetected malware variants appeared in 34 unique attacks each day. This data helped researchers ascertain that Metasploit®, an open-source pen-testing application, remains one of the most popular tools abused by threat actors targeting this industry.
Cyberattacks against the healthcare industry totaled 93,000 of the blocked attacks. These included 5,246 unique malware samples used against the healthcare vertical, averaging 59 previously undetected variants neutralized by BlackBerry technologies each day. The report notes an increase in use of the Emotet Trojan, the adversary simulation tool Cobalt Strike, and pervasive ransomware variants such as BlackCat being deployed against the healthcare industry during the reporting period.
Attacks against retail and retail supply chains comprised 12% of attempted intrusions stopped by BlackBerry endpoint security solutions. These industries provide essential services, and any failure in their ecosystems can lead to serious consequences that reverberate not only locally but also throughout the region, the country, or indeed the world. Increasing digital transformation and interconnectedness within and among industry verticals raise risks even higher.
What the Numbers Tell Us
Cybersecurity practitioners across numerous industries continue to struggle against a rising tide of fast-moving, sophisticated cyberthreats. BlackBerry’s CTO Shishir Singh asserts that the emergence of cybersecurity’s third generation will help, by ushering in more predictive defensive capabilities, fueled by further advances in artificial intelligence and machine learning. As these technologies mature, however, organizations are encouraged to increase their focus on prioritizing existing defenses based on contextualized cyber threat intelligence (CTI). The insights gleaned from expertly crafted, curated, and customized CTI can help organizations anticipate and withstand attacks, quickly recover from cyber incidents, and adapt to their evolving threat landscape.
For the latest information on new cyberattacks and the overall threat landscape, explore the BlackBerry Global Threat Intelligence Report.
Note: This article is expertly written and contributed by Bruce Sussman, Sr. Manager of Editorial at BlackBerry. He is a lifelong journalist who is passionate about cybersecurity because it is constantly in flux. He previously worked with CISOs and cybersecurity leaders at Gartner and SecureWorld.