As security leaders know, the threat landscape is constantly changing. As technology develops at rapid rates, so do common cyberattack methods. The explosion of artificial intelligence (AI) has made it easier for cybercriminals to launch attacks with fewer resources or skills.
BlackBerry has released their 2023 Q2 report, analyzing cybersecurity events from March to May 2023. The report focused on critical infrastructure and large organizations, such as banks or hospitals. According to the report, threat actors deployed about 11.5 attacks per minute across all sectors. The healthcare and financial sector were some of the most targeted. This was due to the information these industries hold (bank account information, personally identifiable information [PII] and Social Security numbers) and that is seen as particularly lucrative for cybercriminals. It can be used as blackmail material or for further crimes, such as identity theft.
Healthcare is also a common target due to the essential systems within hospitals. Threat actors know that hospitals cannot be offline for extended periods and will target them in the hope that they’ll pay the ransom quickly to get back online.
According to the report, government organizations are attractive to cybercriminals with geopolitical or financial motivations. Q2 was largely dominated by ransomware attacks targeting North American city and state government systems.
Critical infrastructure is also a common target for attacks. While often isolated from other systems, increasing digitization has opened critical infrastructure to new risks. Like healthcare, critical infrastructure organizations need to keep running to prevent disaster, making them more likely to pay a ransom to threat actors. According to the report, the U.S. faced the most critical infrastructure attacks, followed by India, Japan and Ecuador.