Stolen Credentials Identified as Primary Risk in X-Force Threat Intelligence Index 2024

The 2024 edition of the IBM X-Force Threat Intelligence Index, compiled by IBM X-Force analysts, illuminates key trends shaping the cybersecurity landscape:

1. Abuse of Valid Accounts: Cybercriminals increasingly favor exploiting valid accounts, marking a 71% surge in the use of stolen credentials as access vectors. This method, alongside phishing, accounted for 30% of all incidents in 2023. Detection of such activities poses challenges due to the difficulty in distinguishing legitimate from malicious user behavior.
    
2. Rise in Infostealer Malware: Malware designed to steal information and acquire credentials saw a significant uptick, with a 266% surge observed. Notably, ransomware groups pivoted towards infostealers, contributing to an 11.5% decrease in enterprise ransomware incidents. However, extortion-based attacks remained prevalent, underscoring the importance of robust security measures.
    
3. Generative AI and Cybersecurity: The rise of generative AI (gen AI) introduces new security concerns, although concrete evidence of gen AI-engineered cyberattacks remains elusive. While phishing stands as a potential initial application of AI in malicious activities, widespread adoption of AI technology will likely drive the evolution of AI-enabled threats.

The report emphasizes the persistence of traditional security challenges, particularly regarding identity and access management. Cybercriminals' renewed focus on exploiting identities underscores the significance of reinforcing security fundamentals. Enterprises must prioritize identity protection and remain vigilant against credential theft, which often originates from compromised devices or through credential reuse.

In essence, while the emergence of AI-driven threats commands attention, addressing fundamental security vulnerabilities remains paramount in safeguarding against evolving cyber risks. The report urges organizations to fortify their security postures and prioritize the mitigation of known threats alongside preparing for the potential impact of emerging technologies.