Our cyber desk shares key details from the IBM XForce Threat Intelligence Index 2024. This report highlights the changing nature of cyber threats, including the increase in valid account abuse and infostealer malware activities, emphasizing the importance of updated cybersecurity practices.
Most Prevalent Types of Attacks:
Valid Accounts Abuse: For the first time, abusing valid accounts became cybercriminals’ most common entry point, representing 30% of all incidents X-Force responded to in 2023. This indicates a shift towards identity-targeted attacks.
Infostealer Malware: There was a significant upsurge in the use of infostealer malware, with a 266% increase observed in activities related to infostealers. This type of malware is designed to steal sensitive information, further contributing to the stolen credentials marketplace on the dark web.
Ransomware: Despite a drop in enterprise ransomware incidents (an 11.5% year-over-year decrease), ransomware remains a common action on objectives, making up 20% of the incidents.
Security Misconfigurations: Misconfigurations were the top observed web application risk, accounting for 30% of total findings from penetration testing engagements. This underscores the ongoing challenge of maintaining secure configurations in the digital infrastructure.
Industries Most Affected:
Manufacturing: This sector was the most targeted, with attacks on the manufacturing industry representing 25.7% of incidents within the top 10 attacked industries. Malware was the top action on objective, observed at 45%, and ransomware accounted for 17% of incidents in this sector.
Professional, Business, and Consumer Services: This broad category saw significant targeting, likely due to the wide range of valuable data and financial assets it encompasses.
Finance and Insurance: This industry remains a prime target due to the direct financial gains available to attackers. It continues to face a variety of threats, from credential theft to ransomware attacks.
Geographic Trends:
Europe: Became the most impacted region in 2023, accounting for 32% of incidents. Attacks involving valid accounts and phishing were particularly prevalent here.
North America: Saw a 26% share of incidents, with malware deployment and legitimate tool misuse being common. The use of valid accounts was the top initial access vector at 41%.
Asia-Pacific: Dropped to third most impacted, making up 23% of global incidents X-Force responded to. Malware, particularly ransomware, and infostealers were notable threats.
These figures highlight the importance of robust cybersecurity measures across all industries, with a particular focus on identity and access management, timely patch management, and the secure configuration of web applications and cloud services to mitigate these prevalent threats.
The IBM XForce Threat Intelligence Index 2024 provides crucial information on current cyber threats. Understanding these trends is vital for enhancing security measures. For a detailed exploration of these findings, access the full report here.