'Sudden surge' in cyberattacks on government: report

Blackberry's quarterly threat report said attacks on government agencies and the public sector rose 40% since last year.

A new report says cyberattacks targeting government agencies and the public sector increased in recent months, due in part to novel malware campaigns that affected financial institutions, healthcare services, and critical-infrastructure industries. 

March to May 2023 saw a 40% increase in attacks targeting government agencies and the public sector and a 13% increase in novel malware samples compared to the same period last year, according to the quarterly Global Threat Intelligence report published by Blackberry. 

"With limited resources and immature cyber defense programs, these organizations are struggling to defend against the double-pronged threat of both nation states and cybercriminals," Ismael Valenzuela, vice president of threat research and intelligence at Blackberry, said in a statement. 

The report described the spike in attacks against the public sector as a "sudden surge" in part attributed to state-sponsored threat actors linked to Russia and North Korea that became "extremely active" throughout the latest quarter. 

"These actors typically target the United States, Europe and South Korea, with a focus on targeting government agencies, military organizations, businesses and financial institutions," the report said. "They also frequently adapt their techniques to make their attacks harder to detect and defend against."

The apparent spike in cyberattacks targeting U.S. institutions comes amid recent high-profile intrusions impacting several federal agencies. 

Last month, Microsoft confirmed that a cybercriminal allegedly based in China gained access to unclassified government email accounts as part of an apparent espionage campaign that affected about 25 organizations, including federal agencies. A senior official with the Cybersecurity and Infrastructure Security Agency described the attack on a phone call with reporters at the time as a "surgical campaign" that began on May 15. 

Energy infrastructure experts also recently warned Congress that the U.S. power grid is facing increased cybersecurity threats from domestic extremists and foreign adversaries. 

Blackberry's report says threat actors view healthcare and financial institutions — which often provide critical services to millions of Americans while maintaining troves of valuable data — as lucrative targets. It also said that the continued rise in remote access to services, including mobile banking services, has created mobile threats such as data exfiltration and financial app spoofing.