LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.
According to IBM X-Force, IBM Consulting's security services arm, cybercriminals last year generated more opportunities to log in to corporate networks through valid accounts, instead of hacking into them making this tactic a preferred weapon of choice for threat actors.
The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analysed from multiple sources within IBM, including IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided from Red Hat Insights and Intezer , which contributed to the 2024 report.
An emerging identity crisis
The report data revealed that exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.
According to the report, 50% of cyberattacks in the UK involved the exploitation of valid accounts as the initial access vector' and a further 25% of cases involved the exploitation of public-facing applications. Across Europe, X-Force observed a 66% year-on-year rise in attacks caused by the use of valid accounts contributing to Europe's prevalence as the most targeted region of 2023 and the record number of attacks that X-Force has ever reported regionally.
The criminal ecosystem was also quick to adapt to the use of valid accounts by attackers. In 2023, X-Force observed a 266% increase in infostealing malware, which is designed to steal personal and enterprise credentials, personally identifiable information, and banking and crypto wallet information.
This easy entry for attackers is harder to detect, eliciting a costly response from enterprises. According to X-Force, worldwide, major incidents caused by attackers using valid accounts were linked to nearly 200% more complex response measures by security teams than the average incident with defenders needing to distinguish between legitimate and malicious user activity on the network.
In fact, IBM's 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months from detection to recovery the longest response lifecycle among all infection vectors.
Martin Borrett, Technical Director, IBM Security, UK, and Ireland (UKI) commented:
Our findings reveal that identity is increasingly being weaponised against enterprises, exploiting valid accounts and compromising credentials. It also shows us that the biggest security concern for enterprises stems not from novel or cryptic threats, but from well-known and existing ones.
Addressing cybersecurity challenges requires a strategic approach, emphasising the reinforcement of foundational security measures. Streamlining identity management through a unified Identity and Access Management (IAM) provider and strengthening legacy applications with modern security protocols are crucial steps in mitigating risks. Additionally, subjecting your system to rigorous stress tests by skilled offensive security teams proves invaluable in uncovering potential weaknesses. This insight is pivotal for crafting a robust incident response plan that engages all teams, from IT professionals to C-suite executives.
Julian David, CEO of techUK, added:
In an era marked by the growing sophistication of cybercriminals who exploit legitimate accounts to breach business defences, IBM's X-Force Threat Intelligence Index serves as a stark wake-up call.
The report underscores a troubling pattern where half of the cyberattacks in the UK rely on legitimate accounts for initial access, presenting significant challenges to businesses' recovery endeavours. To effectively combat this threat, businesses must adopt a strategic approach, integrating modern security protocols to mitigate risks and strengthen their defences against the ever-evolving landscape of cyber threats.
Further key UK findings include:
Malware made up 30% of security incidents observed in the UK.
Ransomware (30%) and cryptominers (20%) were the top malware types encountered in the country.
The impact of attacks was evenly distributed with extortion, digital currency mining and data leaks each making up 25% of total impacts in the UK.
This marks a shift from 2022, when half the cases X-Force observed in the UK involved extortion (57%) twice the global average followed by data theft (29%).
The professional, business and consumer services industry was the most targeted sector in the UK, representing 39% of cases.
Energy (30%) and finance & insurance (17%) were the second and third most targeted industries in UK, respectively.
Manufacturing was the most targeted industry in Europe, accounting for 28% of cases.
Europe overall experienced the highest percentage of incidents within the energy sector at 43%, as well as finance and insurance at 37%.
Major takeaways from the global report included:
Attacks on critical infrastructure reveal industry faux pas.
Worldwide, an alarming 69.6% of attacks that X-Force responded to were against critical infrastructure organisations, an alarming finding highlighting that cybercriminals are wagering on these high value targets' need for uptime to advance their objectives.
In 84% of attacks on critical sectors globally, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals indicating that what the security industry historically described as basic security may be harder to achieve than portrayed.
Exploiting public-facing appl
Europe Stories
05/01/2027
Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...
04/08/2026
Dalet, a leading technology and service provider for media-rich organizations, t...
04/07/2026
April 7 2026, 19:00 (PDT) Detective Conan: Fallen Angel of the Highway Opens in...
01/06/2026
January 6 2026, 05:30 (PST) Dolby Sets the New Standard for Premium Entertainment at CES 2026
Throughout the week, Dolby brings to life the latest innovatio...
09/05/2026
New desktop instrument focused on tactile performance
Bastl Instruments have announced Kalimba, a new desktop instrument that combines physical modelling, F...
09/05/2026
Compact sampling workstation gains new features
1010music have announced blackbox 2, a new version of their compact standalone sampler designed for DAWless ...
08/05/2026
One-button synth generates random four-track ideas
Cyma Forma and French artist Bambounou have announced RND synth, a compact hardware synthesizer built aro...
08/05/2026
Portable four-layer granular and sampling instrument
Tasty Chips have announced the GR-2, a new granular synthesizer and sampling instrument that combines e...
08/05/2026
Video Show Report
Video of SUPERBOOTH 26: Polyend Drums
Polyends big announcement for Superbooth 2026 is the Drums, a new drum machine that features both ...
08/05/2026
Deal agreed as NI enters new chapter
Native Instruments CEO Nick Williams has announced that a definitive agreement has been signed for the company to be ac...
08/05/2026
Video Show Report
Video of SUPERBOOTH 26: Erica Bullfrog Drums
The Bullfrog Drums is the latest collaboration between Erica Synths and Richie Hawtin, and ...
08/05/2026
In our latest blog, Tim Pearson reflects on the recent launch of Play Snooker, the new digital home of snooker by the World Professional Billiards and Snooker A...
08/05/2026
Pete reunites with Dogs Trust for a fourth series and a two-part overseas special
London, Friday 8th May 2026: The award winning factual entertainment series P...
08/05/2026
Wuppertal May 8, 2026
Riedel to Support Glasgow 2026 as Official Connectivity Integration Provider Riedel Communications today announced its return as a spons...
08/05/2026
ICG is excited to share news of our official launch in Northern Ireland, marking a significant milestone in the agency's growth.
Led by Digital Marketing M...
08/05/2026
Over the past ten years, Thames Water, in partnership with Arqiva, has installed more than 1.2 million smart meters, creating one of the most extensive advanced...
07/05/2026
Journalists reporting on Sudan are working in one of the most complex and fast-m...
07/05/2026
Seit dem Start im Jahr 2023 hat DJ (Beta) das personalisierte H rerlebnis von 94...
07/05/2026
Da quando stata presentata nel 2023, DJ (beta) ha aiutato a definire un'esperienza d'ascolto pi personalizzata per 94 milioni di utenti Spotify Premi...
07/05/2026
Since launching in 2023, DJ (beta) has helped shape a more personalized listenin...
07/05/2026
Desde o lan amento em 2023, o DJ (beta) j ajudou a deixar a experi ncia de ouvi...
07/05/2026
From our earliest days, Spotify has been built on a simple principle: Great audio should be easy to reach. It's what's driven us to expand from music to...
07/05/2026
Asian and Pacific Islander artists continue to shape the global soundscape, pushing creative boundaries and connecting with fans worldwide. This Asian & Pacific...
07/05/2026
Company announce long-requested choir instrument
In the latest expansion of their Symphonic Elements series, UJAM have introduced an all-new vocal instrumen...
07/05/2026
Modular-inspired sound generation with digital control
Buchla have introduced Ziggy, a new compact synthesizer built around the company's complex oscill...
07/05/2026
Combines analogue voices with digital synthesis and sequencing
Polyend have announced Drums, a new hybrid analogue and digital drum machine that combines sy...
07/05/2026
Control surface now officially supports four DAWs
When Nektar launched the Panorama CS12 control surface, it worked exclusively with Apple's Logic Pro, ...
07/05/2026
In the first quarter 2026, SGL Carbon generated consolidated sales of 184.5 million, which was 49.8 million, or 21.3%, lower than in the prior year (Q1 2025: ...
07/05/2026
Rohde & Schwarz and Greenerwave achieve precise and fast ESA antenna characteriz...
07/05/2026
January 8, 2024
Colorfront (colorfront.com), a leader in high-performance, on-s...
07/05/2026
February 9, 2024
Colorfront (colorfront.com), the multi-award-winning pioneer i...
07/05/2026
March 20, 2024
NAB 2024, Las Vegas - Colorfront (colorfront.com), the multi-awa...
07/05/2026
April 1, 2025
CINEMACON, APRIL 1, 2025 - Colorfront (colorfront.com), the multi-award-winning developer of high-performance dailies/transcoding/streaming syste...
07/05/2026
June 15, 2025
Colorfront (colorfront.com), an Academy and Emmy Award-winning de...
07/05/2026
June 15, 2025
Colorfront participated in the ICTA Barcelona Cinema Technology Summit on Sunday, June 15, 2025. Held at The Phenomena Experience, the event feat...
07/05/2026
July 1, 2025
Colorfront (colorfront.com), the multi-award-winning developer of high-performance dailies/transcoding/streaming systems for motion pictures, OTT,...
07/05/2026
July 1, 2025
Passion and dedication will take you places. Come with us on a short trip to the heart of India, where Annapurna Studios is living-up to the inspi...
07/05/2026
July 3, 2025
Colorfront (colorfront.com), the multi-award-winning developer of high-performance dailies/transcoding/streaming systems for motion pictures, OTT,...
07/05/2026
September 1, 2025
IBC 2025, Amsterdam - Colorfront (colorfront.com) - the Acade...
07/05/2026
April 17, 2026
LOS ANGELES - April 17, 2026 - Colorfront today announced Colorf...
07/05/2026
April 23, 2026
NAB 2026, Las Vegas - the Academy and Emmy Award-winning develop...
07/05/2026
Comscore to Announce First Quarter 2026 Financial ResultsRESTON, Va., May 7, 2026 - Comscore, Inc. (Nasdaq: SCOR), a trusted partner for planning, transacting a...
07/05/2026
Thursday 7 May 2026
Sky continues Sphere Abacus partnership with The Death of S...
07/05/2026
Thursday 7 May 2026
Sky Confirms Saturday Night Live UK will return this September for Series Two
Saturday Night Live UK will return for a second series, as S...
07/05/2026
Save 20% on the Sky Glass Gen 2 and Sky Glass Air TVsThursday 7 May 2026
How to watch the World Cup on Sky Glass
Tune into the World Cup on the BBC and ITV vi...
07/05/2026
Production sound mixer Dirk Sciarrotta has mixed Family Feud for 28 seasons. Thats up to 200 syndicated episodes per year, plus primetime celebrity specials - a...
07/05/2026
As audience expectations have evolved, Owen has stopped trying to hide microphones or excuse amplification. Instead, he treats sound as a fully immersive part o...
07/05/2026
Well known Irish faces pushed to the edge in new series of
Uncharted with Ray G...
07/05/2026
RT will premiere A Traveller Family, a compelling new documentary exploring the...
LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.
