IBM’s 2024 X-Force Report Reveals Identity Crisis in Cybersecurity Landscape

Aiden Kiprop
By Aiden Kiprop 5 Min Read

IBM has unveiled its highly anticipated 2024 X-Force Threat Intelligence Index, shedding light on a concerning global identity crisis as cybercriminals increasingly target user identities to infiltrate enterprises worldwide.

This alarming trend is not confined to the broader global landscape but is also prevalent in the Middle East and Africa region (MEA), where the exploitation of valid local and cloud accounts has emerged as a predominant tactic in cyberattacks against organizations, according to findings by X-Force. This underscores the critical need for robust user access and control strategies by enterprises in the region.

The report from IBM X-Force, the consulting arm specializing in offensive and defensive security services, indicates a notable shift in cybercriminal tactics.

In 2023, threat actors exhibited a preference for leveraging valid accounts to gain unauthorized access to corporate networks, marking a significant departure from traditional hacking methods.

Within the MEA region, Saudi Arabia emerged as the primary target, accounting for 40% of all incidents responded to by X-Force, closely followed by the United Arab Emirates (UAE) at 30%.

The finance and insurance sectors were the most heavily targeted industries in the region, comprising 38% of incidents, with transportation and energy sectors each accounting for 19%.

The X-Force Threat Intelligence Index draws insights from monitoring over 150 billion security events daily across 130 countries. The comprehensive analysis incorporates data from various IBM sources, including X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and inputs from Red Hat Insights and Intezer.

In the MEA region, cybercriminals are increasingly exploiting valid accounts as a convenient entry point, with a significant number of compromised credentials readily available on the Dark Web.

The use of valid local accounts (52%) and valid cloud accounts (48%) emerged as the most common initial infection vectors in cyberattacks, with espionage being the primary objective.

Globally, the report highlights a surge in infostealing malware aimed at pilfering personal identifiable information, such as email credentials, social media accounts, banking details, and cryptocurrency wallet data.

In the MEA region, malware was the predominant tool employed by threat actors, accounting for 50% of incidents, followed by DDoS attacks, email threats, unauthorized server access, and misuse of legitimate tools for malicious purposes, each at 17%.

The ease with which attackers can exploit valid accounts poses a significant challenge for enterprises, necessitating complex response measures to mitigate the impact. Breaches resulting from stolen or compromised credentials require an average of 11 months to detect and recover from, making it the lengthiest response lifecycle compared to other infection vectors.

As adversaries increasingly leverage generative AI to optimize their attacks, the threat to user identities is expected to escalate further. The report underscores the urgent need for organizations to adopt AI-powered solutions to bolster their defenses against evolving cyber threats.

Babacar Kane, General Manager and Technology Leader of IBM Africa Growth Markets, emphasized the criticality of proactive security measures in safeguarding sensitive information in the digital era. He stressed the importance of embracing AI-powered solutions to enhance organizational resilience and combat evolving cyber threats effectively.

To assist organizations in fortifying their cybersecurity posture, the X-Force report offers the following recommendations:

  1. Reduce blast radius: Implement solutions to minimize the potential impact of data security incidents by adopting a least privileged framework, network segmentation, and an identity fabric to enhance security capabilities.
  2. Stress-test environments: Engage ethical hackers to identify vulnerabilities that cybercriminals could exploit and develop customized incident response plans to expedite response and recovery processes.
  3. Adopt AI securely: Secure AI adoption by safeguarding underlying training data, models, and infrastructure, leveraging frameworks such as IBM’s Framework for Securing Generative AI to prioritize defenses based on risk and potential impact.

The 2024 X-Force Threat Intelligence Index underscores the critical importance of proactive cybersecurity measures in mitigating the escalating threat landscape and safeguarding organizations against sophisticated cyberattacks.

Share This Article
Leave a comment
WP2Social Auto Publish Powered By :