BlackBerry Report Surfaces Increasing Rate of Cyberattacks
A threat intelligence report published by BlackBerry found that from December 2022 through February 2023, 12 cyberattacks per minute were launched against organizations using the company’s cybersecurity software and services, with 1.5 of those attacks per minute based on a new malware sample.
The BlackBerry report also noted a shift in where those attacks are happening. Brazil is now the second most-targeted country after the U.S., with Canada and Japan placing third and fourth, respectively. Singapore, for the first time, is now ranked in the top 10, according to the report.
Ismael Valenzuela, vice president of threat research and intelligence at BlackBerry, said that the increase in the pace of attacks suggests that cybercriminals have made significant investments in automation that are now starting to have an impact. Rather than attempting to develop more sophisticated attacks, it appears cybercriminals are concentrating on increasing the volume of attacks based on tried and true techniques, noted Valenzuela. The most commonly used attack methods involved, not surprisingly, droppers, downloaders, remote access tools (RATs) and ransomware, the report found.
As such, many cybersecurity teams should expect to make corresponding investments in automation and artificial intelligence (AI) to combat attacks that are starting to be launched with greater frequency, he noted. In effect, cybersecurity continues to be an automation arms race, with both sides making investments to launch and thwarts attacks at higher levels of scale. The challenge is the cost of launching attacks continues to decline as cybercriminals take advantage of, for example, ransomware-as-a-service (RaaS) platforms. Conversely, the cost of thwarting those attacks initially increases as organizations invest in automation that, in theory, should result in a better return on investment in the long term.
It’s not clear how all that investment in automation and AI might impact cybersecurity professionals but, in many cases, the rote tasks that tend to increase fatigue levels should be reduced, if not outright eliminated. The overall goal is to make up for the chronic shortage of cybersecurity skills by relying more on automation. Those investments are not going to eliminate the need for cybersecurity professionals but augment the ability of cybersecurity teams to combat cyberattacks at scale.
That’s especially critical because those same cybersecurity teams are being tasked with securing an expanding attack surface as more applications are deployed everywhere from the cloud to the network edge. In fact, there may come a day soon when most cybersecurity professionals are not going to want to work for organizations that are not making the level of investment in automation required for them to succeed.
Most cybersecurity teams have a lot more to gain than lose from investments in automation and AI. The volume of attacks launched today simply can’t be thwarted without those investments. The issue is finding a way to take advantage of automation at a faster pace than cybercriminals.
