Back in February this year, BlackBerry released its 2021 Annual Threat Report, which uncovered the breadth and depth of COVID-19 exploitation by the cybercrime industry so incredibly emboldened, that "crimewave-as-a-service" models have become increasingly accessible.
BlackBerry is no longer a smartphone company, but a company that provides intelligent security software and services to enterprises and governments around the world, securing more than 500M endpoints including 175M cars on the road today.
The company leverages AI and machine learning to deliver what need to be innovative solutions in the areas of cybersecurity, safety and data privacy solutions, and claims to be a leader in the areas of endpoint security, endpoint management, encryption, and embedded systems, all so it can help "secure a connected future you can trust."
With so many companies in 2020 having to suddenly support a large proportion of their workforce remotely, with many being forced to digitise various parts of their infrastructure overnight, everyone - including cybercriminals - quickly realised that we weren't in Kansas anymore.
|
BlackBerry explained this evolution and adoption of digital offerings "exposed companies to inadequate protections for employees and customers amongst an ever-growing and under-secured attack surface. There was also a greater merging of cyber and physical threats, with cybercriminals increasingly targeting healthcare organisations or using the pandemic to trick already vulnerable populations."
Indeed, just one local example of this was the ransomware attack on Melbourne's Eastern Health services, let alone the cyber attack on the Nine Entertainment Group, which still wasn’t back to normal two weeks after the cyber attack occurred.
At the time of the report’s release, Eric Milam, Vice President of Research and Intelligence, BlackBerry said: “The cybersecurity industry becomes more complex each passing year as new technologies, devices and innovations emerge – and at no time was that truer than in 2020, which witnessed everything from a global pandemic to the U.S. election.
“As the world becomes more interconnected and as new dimensions to cybercrime continue to rise, preparation will become a key factor in successful threat prevention in 2021.
“As both public and private organisations work to meet cyber espionage groups at ground zero, the foundation for robust security practices remains unchanged. From round-the-clock monitoring to AI-driven security tools and insider threat detection, the same time-tested security fundamentals – and an understanding of how current events impact an organisation’s attack surface – can make the difference between a data breach and a successful cyber defence,” Milam continued.
So, when we were offered the opportunity to talk with Jonathan “JJ” Jackson, BlackBerry’s Director of Engineering APAC, to discuss the 2021 Annual Threat Report, it was something we definitely wanted to do.
That interview is immediately embedded below, after which is a list of the report’s highlights, followed by a summary of the topics we discussed - so please watch the interview, and read on!
Key Findings in the 2021 Annual Threat Report
- Ransomware attacks shifted from performing indiscriminate targeting to conducting highly focused campaigns deployed via compromised MSSPs
- Elections remained vulnerable to cyber attacks through unsecured mobile technology, insufficient DMARC email protection, and over-exposure of personal information on social media
- Global automakers faced new regulations to protect connected vehicles from cyber attacks and data theft
- Numerous phishing campaigns targeted critical infrastructure systems across manufacturing, healthcare, energy services and food supply sectors
- Mercenary threat groups experienced a year of growth as unscrupulous actors and organizations outsourced their cyber attacks
- Ransomware-as-a-service offerings grew in popularity, replacing traditional off-the-shelf ransomware with ready-made exploit kits, malspam campaigns and threat emulation software
- Newer APT groups like CostaRicto targeted disparate victims worldwide with their customised backdoors and tooling
- Emotet, the banking trojan turned attack platform, received new upgrades and capabilities, including a flaw that allowed BlackBerry researchers to easily identify and prevent it from installing on systems
Highlights of the report are here, and the report can be freely downloaded in full here after free registration.
In the video interview above, we started by introducing Jonathan “JJ” Jackson, BlackBerry’s Director of Engineering APAC, and welcoming him to the program:
- We covered how BlackBerry is no longer the smartphone company it once was, and how it is now a global cybersecurity company, and JJ explained what BlackBerry offers in 2021 to its global customers, and what makes the company different.
- We discussed the Threat Report’s major findings, and the impact COVID-19 had on the report, and the report’s findings.
- BlackBerry is also securing connected vehicles, and JJ explained the company’s solid work in this area.
- We looked at the issues customers in Australia are seeking BlackBerry’s support with, and how the company is helping its customers secure their systems in the face of Solarwinds, MS Exchange, ransomware attacks and more.
- JJ covered some of the customer success stories in Australia and the region, after which he talked about the lessons BlackBerry itself learned from COVID, and the digital acceleration the company also faced itself.
- JJ then talked about some of his own history in the world of tech, shared memories of his first computer, how he felt BlackBerry would evolve over the next few years, great advice JJ has received in life, and his final message to readers, viewers and to BlackBerry’s current and future customers and partners.
So, to learn more, please watch the video interview above - and check out the 2021 Annual Threat Report here.