Report reveals 'sudden surge' in cyberattacks targeting government agencies

A new report has found that cyberattacks targeting government agencies and the public sector increased at an alarming rate in recent months, as threat actors unleashed a slate of novel malware campaigns that impacted financial institutions, healthcare services and critical infrastructure industries. 

The quarterly Global Threat Intelligence report published by Blackberry shows a 40% increase in attacks targeting government agencies and the public sector between March and May, as well as a 13% increase in novel malware samples that the company observed from the previous reporting period's average. 

"With limited resources and immature cyber defense programs, these organizations are struggling to defend against the double-pronged threat of both nation states and cybercriminals," Ismael Valenzuela, vice president of threat research and intelligence at Blackberry, said in a statement. 

The report described the spike in attacks against the public sector as a "sudden surge" in part attributed to state-sponsored threat actors linked to Russia and North Korea that became "extremely active" throughout the latest quarter. 

"These actors typically target the United States, Europe and South Korea, with a focus on targeting government agencies, military organizations, businesses and financial institutions," the report said. "They also frequently adapt their techniques to make their attacks harder to detect and defend against."

The apparent spike in cyberattacks targeting U.S. institutions comes amid recent high-profile intrusions impacting several federal agencies. 

Last month, Microsoft confirmed that a cybercriminal allegedly based in China gained access to unclassified government email accounts as part of an apparent espionage campaign that impacted approximately 25 separate organizations, including multiple federal agencies. A senior official with the Cybersecurity and Infrastructure Security Agency described the attack on a phone call with reporters at the time as a "surgical campaign" that began on May 15. 

Energy infrastructure experts also recently warned Congress that the U.S. power grid is currently facing a myriad of increased cybersecurity threats from both domestic extremists and foreign adversaries that could pose catastrophic consequences across the country. 

The Global Threat Intelligence report says threat actors view healthcare and financial institutions — which often provide critical services to millions of Americans while maintaining troves of valuable data — as lucrative targets. It also notes that the continued rise in remote access to things like mobile banking services have created emerging mobile threats like data exfiltration and financial app spoofing, among others.