View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Use of novel malware jumps 40% in 3 months, new report finds

BlackBerry study also observed trends in hacking methods, targeted sectors and major criminal groups.

By Livia Giannotti

The use of new malware in cyberattacks jumped by 40% in Q1 of 2024, compared to the last quarter of 2023, and is five times higher than a year ago, according to a new report. 

novel malware illustrated through cyberattack
Novel malware attacks are particularly difficult to detect and fight. (Photo: Shutterstock)

Novel (or unique) malware attacks use hacking methods that are new or unknown, making them particularly difficult to detect and fight. The impossibility of anticipating unique malware usually results in longer response and defence times, and ultimately in further damage to targeted systems. 

The BlackBerry Global Threat Intelligence report examined the global threat landscape between January and March and observed trends in cybersecurity and attacks. “Each iteration of this report highlights startling new trends: novel malware is growing with no signs of stopping, and threat actors are highly motivated, be it for financial gain or to create chaos,” said BlackBerry’s vice president of threat research and intelligence, Ismael Valenzuela.

The cybersecurity report also looked at the most targeted sectors, hacking methods, malware types and key players.

Critical infrastructure most targeted by cyberattacks

The report found that 60% of cyberattacks targeted critical infrastructure, making it the prime target for breaches. Of those industries, the financial sector was the most attacked (40% of the attacks on critical infrastructure), followed by the healthcare sector (24%), the utility sector (18%) and the government sector (14%).

BlackBerry also found that 32% of novel malware hashes targeted “critical infrastructure tenants”. Of those, 36% targeted government and public sector organisations.

However, commercial enterprises have also been victims of more cyberattacks, compared to the last quarter. While the total number of attacks they faced saw a mere 2% increase, they have encountered 10% more novel malware.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

“Just as industries are impacted by cybersecurity threats, individual companies also battle cyberattacks, especially as they tend to rely more on digital infrastructure for finance, communications, sales, procurement and other business operations,” the report says. “Everything from start-ups to multinational conglomerates are susceptible to cyberthreats, particularly ransomware.”

CVEs are increasingly exploited by hackers

The report found that cybercriminals are increasingly using common vulnerabilities and exposures (CVEs) to hack systems. It says that CVEs provide a “framework for identifying, standardising and publicising known security vulnerabilities and exposures.” 

The observed CVEs were not only more numerous but they were more serious, too. BlackBerry’s study found that 56% of all the reported CVEs were given a severity score of seven out of ten, presenting a 3% increase from previous numbers.

“CVEs have been rapidly weaponised in all forms of malware,” the report says, highlighting the importance for cyber experts to regularly and thoroughly examine systems for cyber threats.

Who are the major ransomware groups?

Ransomware attacks continue to grow, especially those targeting commercial enterprises and the healthcare sector, according to the study.

“Most of these groups are financially motivated; they quickly adapt new tactics and techniques to evade traditional cybersecurity defences and will rapidly exploit any new security vulnerabilities,” the report says.

Major ransomware groups named in the report include Hunters International, LockBit, ALPHV and 8Base. “Despite takedowns, [these] ransomware groups wreak havoc,” BlackBerry said.

The team of experts behind the report predicts that “threat actors will continue to take extensive measures to carefully target their victims.”

“A rise in new ransomware and infostealers indicates that private data will continue to be highly sought after by threat actors, where sectors like healthcare and financial services will be top targets for attack.”

Read more: Ransomware trends to prepare for in 2024

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.