Threat actors are weaponizing hyper-connectivity with new
adversarial strategies and tactics
WATERLOO, Ontario, Feb. 19, 2020 /PRNewswire/ -- BlackBerry
Limited (NYSE: BB; TSX: BB) today released its annual
2020 Threat Report, which examines the latest adversarial
techniques and tactics analyzed by BlackBerry Cylance threat
researchers, and provides guidance organizations can leverage
to mitigate risk. Key findings include the continued evolution of
nation-state backed threat actor groups, the increased availability
of sophisticated attack toolsets, as well as analysis on which
targets are becoming more appealing to attackers and why. The
report also details more select threats focused on targets
like embedded technologies in connected
vehicles, manufacturing and mobile devices, and those taking
advantage of misconfigurations in cloud computing deployments.
"New techniques to obscure malicious payloads and distribute
attacks across multiple organizations paid off for threat actors in
2019," said Eric Cornelius, Chief
Technology Officer at BlackBerry Cylance. "With the increasing ease
of access to attack toolkits combined with the explosion of
endpoints connected to organizations' networks, the global threat
landscape for emerging threats will only continue to escalate in
2020."
Automotive and Retail Industries Should Brace for More
Threats
The search to find and exploit vulnerabilities in
the expanding attack surface has caused a shift in the industries
most often targeted by malicious actors, particularly towards the
automotive sector. For example, BlackBerry Cylance researchers
discovered new backdoors being deployed by APT group OceanLotus
(APT 32) in a 2019 campaign targeting multinational automotive
manufacturers. As more vehicles become connected – and the
attention given to potential outcomes of cyberattacks on vehicles
increases – attacks against this sector are anticipated to grow. As
such, the industry must continue investing in cybersecurity
processes and secure connected software to ensure public trust in
the transportation technologies of the future.
Additionally, Cylance researchers found that retail and
wholesale remained the most targeted sectors, where almost a
quarter (23%) of all retailers suffered a compromise of sensitive
financial information. Three of the most prevalent threats of
2019 – Emotet, Ramnit and Upatre – all focused on retail
organizations. Coinmining operations also had a focus on retailers,
with 47% of attacks impacting that sector.
The report also spotlighted other unique threats facing a range
of industry verticals including:
- Technology/Software: Where attacks typically have a
focus on stealing intellectual property, over a quarter (26%) were
victims of ransomware specifically.
- Service Providers: This industry's customer base was
leveraged by threat actors to increase malicious distributions
using remote management tools like Go2Assist and NinjaRMM.
- Healthcare: Healthcare organizations were more likely to
pay ransoms than other industries due to the critical nature of the
targeted data.
- Government: Attacks against government entities can have
cascading effects that not only impact critical national
infrastructure, but impact individuals as well given the
significant quantities of personally identifiable information they
store.
"Threat intelligence on APT groups can help organizations
understand who is attacking their enterprise, and the actor's mode
of operations and motives, in order to be more proactive in
protecting vulnerable systems against advanced threats," said
Brian Robison, Chief Evangelist at
BlackBerry Cylance. "In 2020, AI and machine learning will continue
to prove critical for threat prevention and remediation strategies
because of the advantage they offer through continuous learning and
proactive threat modelling of attacks that continue to become more
complex."
Additional Key Findings in the 2020 Annual Threat
Report
- Coinmining attacks become more commonplace as cryptocurrency
prevails: Criminals recognized an opportunity to passively
generate revenue by infecting cryptocurrency machines.
- MSSPs are becoming high-value targets for threat actors:
New ransomware called Sodinokibi caused mass disruption by
infiltrating hosted environments.
- Data loss is increasing because of cloud
misconfiguration: Misconfigured cloud resources led to a total
of over seven billion records being publicly exposed in 2019. This
number is only expected to increase with cloud investments
estimated to reach $49.1 billion in
2020.
- Continued evolution of ransomware tactics: An increased
availability of Ransomware-as-a-Service (RaaS) offerings, and
instances where ransomware developers have collaborated with
banking trojan developers to exfiltrate data prior to encryption,
are being used to further extort victims.
- Increased use of host-encrypted malware: Static
analysis of host-encrypted malware is almost impossible in a lab,
decreasing defenders' understanding of the malicious code and the
ability for security solutions to block it.
To learn more and download a copy of the report, visit
http://www.cylance.com/2020-threat-report.
About BlackBerry
BlackBerry (NYSE: BB; TSX: BB) is a trusted security software
and services company that provides enterprises and governments with
the technology they need to secure the Internet of Things. Based in
Waterloo, Ontario, the company is
unwavering in its commitment to safety, cybersecurity and data
privacy, and leads in key areas such as artificial intelligence,
endpoint security and management, encryption and embedded systems.
For more information, visit BlackBerry.com and follow
@BlackBerry.
Trademarks, including but not limited to BLACKBERRY and
EMBLEM Design are the trademarks or registered trademarks of
BlackBerry Limited and the exclusive rights to such trademarks are
expressly reserved. All other trademarks are the property of their
respective owners.
Media Contact:
BlackBerry Media Relations
(519) 597-7273
mediarelations@BlackBerry.com
View original content to download
multimedia:http://www.prnewswire.com/news-releases/blackberry-cylance-2020-annual-threat-report-reveals-scope-of-global-attack-surface-expansion-301007285.html
SOURCE BlackBerry Limited