Industries should brace for more threats as criminals expand the attack surface

Increased availability of sophisticated attack toolkits, along with threats aimed at embedded technologies in connected vehicles, manufacturing and mobile devices, and those taking advantage of misconfigurations in cloud computing deployments are all causing concern for business.

The 2020 Annual Threat Report from BlackBerry Cylance says the search to find and exploit vulnerabilities has seen a shift in the industries most targeted, particularly towards the automotive sector.

BlackBerry Cylance researchers have discovered new backdoors being deployed by APT group OceanLotus (APT 32) in a 2019 campaign targeting multinational automotive manufacturers. As more vehicles become connected -- and the attention given to potential outcomes of cyberattacks on vehicles increases -- attacks against this sector are anticipated to grow. As such, the industry must continue investing in cybersecurity processes and secure connected software to ensure public trust in the transportation technologies of the future.

The retail and wholesale sectors remain the most targeted, almost a quarter (23 percent) of all retailers suffered a compromise of sensitive financial information. Three of the most prevalent threats of 2019 -- Emotet, Ramnit and Upatre -- all focused on retail organizations. Coinmining operations also had a focus on retailers, with 47 percent of attacks impacting that sector.

Among other findings, managed security service providers (MSSPs) are becoming targets as new ransomware called Sodinokibi is designed to cause mass disruption by infiltrating hosted environments. There's also increased use of host-encrypted malware, which is almost impossible to analyze in a lab, decreasing defenders' understanding of the malicious code and the ability for security solutions to block it.

"Threat intelligence on APT groups can help organizations understand who is attacking their enterprise, and the actor’s mode of operations and motives, in order to be more proactive in protecting vulnerable systems against advanced threats," says Brian Robison, chief evangelist at BlackBerry Cylance. "In 2020, AI and machine learning will continue to prove critical for threat prevention and remediation strategies because of the advantage they offer through continuous learning and proactive threat modelling of attacks that continue to become more complex."

The full report is available from the Cylance site.

Image Credit: underverse /Shutterstock