BlackBerry Threat Report details rise of COVID-19 exploitation

Get a free Techzine subscription!

Blackberry says cyber criminals are becoming better at finding and targeting vulnerable organizations.

This week, Blackberry released their 2021 BlackBerry Threat Report. The report details a sharp increase in cyberthreats facing organizations since the onset of COVID-19.

The research shows that cyber criminals have not only adapted to new digital habits, but have also become much more adept at finding and targeting vulnerable organizations. The report also reveals that mercenaries and crimeware-as-a-service models have become increasingly accessible.

The rapid shift to remote working has created vulnerabilities

The onset of the COVID pandemic forced many organizations to rapidly support a large proportion of their workforce remotely. This sudden change meant many businesses were forced to digitize various parts of their infrastructure immediately.

The evolution and adoption of digital tools and platforms has left many companies with inadequate protections for employees and customers. This has happened even as an ever-growing and under-secured attack surface materialized.

There was also a greater merging of cyber and physical threats, according to the report. Cybercriminals are increasingly targeting healthcare organizations or using the pandemic to trick already vulnerable enterprises and populations.

Increased complexity has led to “crimeware-as-a-service”

“The cybersecurity industry becomes more complex each passing year as new technologies, devices and innovations emerge – and at no time was that truer than in 2020, which witnessed everything from a global pandemic to the U.S. election,” said Eric Milam, Vice President of Research and Intelligence, BlackBerry. “As the world becomes more interconnected and as new dimensions to cybercrime continue to rise, preparation will become a key factor in successful threat prevention in 2021.”

The Blackberry report also describes an emerging market for crimeware-as-a-service. This type of crime has now become a sort of business model for ambitious malefactors. The report also details the increasing sophistication and collaboration of these hacker-for-hire groups.

Indeed, the “ransomware-as-a-service” model has already proven highly successful, as more non-digital natives transacted online. However, additional research shows that these shadowy hacker groups possess the tools once thought to be solely the domain of nation-state attackers.

This empowerment of random hackers presents a new danger for companies, according to Blackberry. As these groups evolve, attacks can be more frequent, skillful and targeted.