Cybercriminals are pivoting to stealthier tactics, with lower-profile credential theft spiking, while ransomware attacks on enterprises have declined.
These are among the findings of a new report from IBM X-Force which also observes an 84 percent increase in emails delivering infostealers in 2024 compared to the previous year, a method threat actors rely heavily on to scale identity attacks.
Critical infrastructure organizations have accounted for 70 percent of all attacks that IBM X-Force responded to last year, with more than a quarter of these attacks caused by vulnerability exploitation.
More cybercriminals are opting to steal data (18 percent) rather than encrypt it (11 percent) as advanced detection technologies and increased law enforcement efforts pressure cybercriminals to adopt faster exit paths.
Almost one in three incidents observed in 2024 resulted in credential theft, as attackers invest in multiple pathways to quickly access, exfiltrate and monetize login information.
“Cybercriminals are most often breaking in without breaking anything — capitalizing on identity gaps overflowing from complex hybrid cloud environments that offer attackers multiple access points,” says Mark Hughes, global managing partner of cybersecurity services at IBM. “Businesses need to shift away from an ad-hoc prevention mindset and focus on proactive measures such as modernizing authentication management, plugging multi-factor authentication holes and conducting real-time threat hunting to uncover hidden threats before they expose sensitive data.”
The report also notes an uptick in phishing emails delivering infostealers and early data for 2025 reveals an even greater increase of 180 percent compared to 2023. This upward trend fueling follow-on account takeovers may be attributed to attackers employing AI to create phishing emails at scale.
Asia and North America are the most attacked regions, accounting for nearly 60 percent of all attacks that IBM X-Force responded to globally, Asia (34 percent) and North America (24 percent) experienced more cyberattacks than any other region in 2024.
You can get the full report from the IBM site and there will be a webinar to discuss the findings on April 22nd at 11am ET.
Image credit: [email protected]/depositphotos.com
