Malware creators are adopting new techniques in the escalating wave of cyber attacks

From September to December, BlackBerry detected approximately 5,300 distinct malware threats per day targeting its customers.

Malicious attacks on the rise, with cybercriminals now opting for innovative malware software.

A startling revelation surfaced last week as BlackBerry released a report indicating that critical infrastructure providers were heavily targeted in 2023, accounting for 62% of all industry-related cyberattacks from September to December.

The report, while not providing specific names of the malware families involved, highlighted an increase in such threat activity against this sector. The malware often targeted operational technology systems and exploited vulnerabilities in the supply chain and communication networks of critical sectors.

Volt Typhoon, a threat group with ties to the People's Republic of China, targeted key U.S. infrastructure providers in an effort to potentially spread mass panic on the U.S. mainland as a distraction from potential military action in the Asia-Pacific region.

David Wiseman, Vice President of Secure Communications at BlackBerry, oversees security insights related to these threats. BlackBerry’s technologies focus on enhancing communications security for governments and sectors like defense and critical infrastructure, implying the malware detected impacts these sensitive environments.

The use of novel malware and exploitation of critical vulnerabilities in various products, including VPN appliances, is a growing concern for CISOs. VPN appliances are considered high-value targets for state-linked threat actors, posing a significant risk to organizations that rely on them.

Ismael Valenzuela, VP of threat research and intelligence at BlackBerry, stated that the end goal of attacks, whether from financially motivated attackers or nation states, is to cause havoc. The evolving role of CISOs involves helping corporate stakeholders better understand the risks associated with their technology stacks, including the potential for their organizations to be targeted by cyberattacks.

Organizations in the critical infrastructure sector are willing to pay significantly to prevent disruptions, according to Valenzuela. The report also showed a 27% increase in the use of novel malware, suggesting threat actors were actively working to evade traditional defenses.

U.S. authorities warned of a rising threat to critical infrastructure providers in January, linked to state-sponsored activity from Volt Typhoon. Threat groups exploited critical vulnerabilities in various products such as Citrix NetScaler, Cisco Adaptive Security Appliance, and JetBrains TeamCity to gain entry into targeted organizations.

As the digital landscape continues to evolve, it is crucial for CISOs to stay vigilant and adapt their defenses to counteract these increasingly sophisticated threats. For detailed malware families and technical specifics, direct access to BlackBerry’s 2023 threat reports or cybersecurity bulletins would be required, as publicly accessible summaries do not enumerate exact malware names.

  1. The malware detected by BlackBerry, as stated by David Wiseman, Vice President of Secure Communications at BlackBerry, often targets operational technology systems and poses a significant risk to organizations in sensitive environments like critical infrastructure.
  2. The evolving role of CISOs, as Ismael Valenzuela, VP of threat research and intelligence at BlackBerry, suggests, involves helping corporate stakeholders understand the risks associated with their technology stacks, including the potential for their organizations to be targeted by cyberattacks that use novel malware and exploit critical vulnerabilities in technology products such as VPN appliances.
