71% Surge In Identity Exploitation As Top Access Method: IBM

IBM’s 2024 X-Force Threat Intelligence Index shows a 71% increase in cybercriminals exploiting legitimate credentials to access and compromise corporate networks, representing 30% of the total initial access vectors used in 2023.
 
Methods cybercriminals use to access valid accounts include obtaining or buying credentials on the dark web and harvesting them through infostealing malware. In 2023, X-Force observed a 266% increase in infostealing malware.
 
While 70% of attacks globally targeted critical infrastructure, 84% of observed incidents on critical infrastructure “could have been mitigated with best practices and security fundamentals, such as asset and patch management, credential hardening and the principle of least privilege.”
 
IBM assessed that AI hasn’t been a serious threat so far but could become one in the future. Charles Henderson, head of IBM X-Force, commented:

“While ‘security fundamentals’ doesn’t get as many head turns as ‘AI-engineered attacks,’ it remains that enterprises’ biggest security problem boils down to the basic and known – not the novel and unknown. Identity is being used against enterprises time and time again, a problem that will worsen as adversaries invest in AI to optimize the tactic.”

The 2024 X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion daily security events in more than 130 countries.

Dave Ratner, CEO of HYAS, had this to say:

“With so many attacks exploiting legitimate credentials for access and exploitation, the need for cyber resiliency solutions has never been greater, especially for critical infrastructure providers and MSSP/MSPs that may protect their smaller cousins. The use of legitimate credentials means that much of the existing security stack is bypassed and ineffective — cyber resiliency solutions that see the anomalous behavior inside the environment, and track and shut down the command-and-control communication, provide security and safety regardless of the credentials being used for initial access.”


Troy Batterberry, CEO and Founder of EchoMark, follows with this:

“Employees continue to contribute to cybersecurity risks faced by organizations, either through their poor credential practices or worse, deliberate acts of theft or leakage. Organizations must holistically raise their cybersecurity bar, including through much better identity requirements for their employees and also broader insider risk programs.”

Hopefully organizations are paying attention to this IBM report because it proves where the weak points in your defences are, and where you need to invest to address them.
