IBM’s annual X-Force Threat Intelligence Index report released today highlights an emerging global crisis in identity as cybercriminals continue to compromise users worldwide.

Based on insights and observations from over 150 billion security events tracked daily across IBM, Red Hat and Intezer, the report found that cybercriminals are finding more opportunities to log in versus hacking into corporate networks through valid accounts. Logically, being able to access an account without needing to hack it is a lot easier than hacking it, as the report noted that obtaining credentials is the preferred choice of threat actors.

How much threat actors want login credentials were represented in the finding from IBM that there was a 266% uptick in infostealing malware in 2023. Infostealing malware, as the name suggests, is designed to steal personally identifiable information such as emails, social media and messaging app credentials, banking details and crypto wallet data.

The “easy entry” path, as the report refers to it, is one that’s harder to detect. According to X-Force, major incidents caused by attackers using valid accounts were associated with nearly 200% more complex response measures by security teams than the average incident – with defenders needing to distinguish between legitimate and malicious user activity on the network.

Malicious actors and threat groups were also found to be fond of targeting critical infrastructure organizations, with 70% of attacks that X-Force responded to last year being against high-value infrastructure targets. Nearly 85% of attacks that X-Force responded to in the sector were caused by exploiting public-facing applications, phishing emails and the use of valid accounts.

Artificial intelligence was the talk of the tech world in 2023 and so to was it for cybercriminals, with the report explaining that cybercriminals are now exploiting AI to improve their returns on investment.

X-Force makes the bold claim that once generative AI market dominance is established – “where a single technology approaches 50% market share or when the market consolidates to three or less technologies” — there could be a similar maturing of AI as an attack surface used by cybercriminals. Now is the time for enterprises to secure their AI models before cybercriminals scale up their activity, it says.

Other findings in the report were that adversaries like Europe, with nearly one in three attacks last year targeting European nations. Surprisingly, X-Force found that the number of phishing attacks decreased by 44% last year from 2022, but that could change given that AI can now speed up attacks.

Photo: IBM X-Force