Sony Pixel Power calrec Sony

IBM Report: Cybercriminals Intensify Attacks on User Identities in the UK, Complicating Recovery Efforts for Enterprises

21/02/2024

LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.

According to IBM X-Force, IBM Consulting's security services arm, cybercriminals last year generated more opportunities to log in to corporate networks through valid accounts, instead of hacking into them making this tactic a preferred weapon of choice for threat actors.

The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analysed from multiple sources within IBM, including IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided from Red Hat Insights and Intezer , which contributed to the 2024 report.

An emerging identity crisis

The report data revealed that exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.

According to the report, 50% of cyberattacks in the UK involved the exploitation of valid accounts as the initial access vector' and a further 25% of cases involved the exploitation of public-facing applications. Across Europe, X-Force observed a 66% year-on-year rise in attacks caused by the use of valid accounts contributing to Europe's prevalence as the most targeted region of 2023 and the record number of attacks that X-Force has ever reported regionally.

The criminal ecosystem was also quick to adapt to the use of valid accounts by attackers. In 2023, X-Force observed a 266% increase in infostealing malware, which is designed to steal personal and enterprise credentials, personally identifiable information, and banking and crypto wallet information.

This easy entry for attackers is harder to detect, eliciting a costly response from enterprises. According to X-Force, worldwide, major incidents caused by attackers using valid accounts were linked to nearly 200% more complex response measures by security teams than the average incident with defenders needing to distinguish between legitimate and malicious user activity on the network.

In fact, IBM's 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months from detection to recovery the longest response lifecycle among all infection vectors.

Martin Borrett, Technical Director, IBM Security, UK, and Ireland (UKI) commented:

Our findings reveal that identity is increasingly being weaponised against enterprises, exploiting valid accounts and compromising credentials. It also shows us that the biggest security concern for enterprises stems not from novel or cryptic threats, but from well-known and existing ones.

Addressing cybersecurity challenges requires a strategic approach, emphasising the reinforcement of foundational security measures. Streamlining identity management through a unified Identity and Access Management (IAM) provider and strengthening legacy applications with modern security protocols are crucial steps in mitigating risks. Additionally, subjecting your system to rigorous stress tests by skilled offensive security teams proves invaluable in uncovering potential weaknesses. This insight is pivotal for crafting a robust incident response plan that engages all teams, from IT professionals to C-suite executives.

Julian David, CEO of techUK, added:

In an era marked by the growing sophistication of cybercriminals who exploit legitimate accounts to breach business defences, IBM's X-Force Threat Intelligence Index serves as a stark wake-up call.

The report underscores a troubling pattern where half of the cyberattacks in the UK rely on legitimate accounts for initial access, presenting significant challenges to businesses' recovery endeavours. To effectively combat this threat, businesses must adopt a strategic approach, integrating modern security protocols to mitigate risks and strengthen their defences against the ever-evolving landscape of cyber threats.

Further key UK findings include:

Malware made up 30% of security incidents observed in the UK.

Ransomware (30%) and cryptominers (20%) were the top malware types encountered in the country.

The impact of attacks was evenly distributed with extortion, digital currency mining and data leaks each making up 25% of total impacts in the UK.

This marks a shift from 2022, when half the cases X-Force observed in the UK involved extortion (57%) twice the global average followed by data theft (29%).

The professional, business and consumer services industry was the most targeted sector in the UK, representing 39% of cases.

Energy (30%) and finance & insurance (17%) were the second and third most targeted industries in UK, respectively.

Manufacturing was the most targeted industry in Europe, accounting for 28% of cases.

Europe overall experienced the highest percentage of incidents within the energy sector at 43%, as well as finance and insurance at 37%.

Major takeaways from the global report included:

Attacks on critical infrastructure reveal industry faux pas.

Worldwide, an alarming 69.6% of attacks that X-Force responded to were against critical infrastructure organisations, an alarming finding highlighting that cybercriminals are wagering on these high value targets' need for uptime to advance their objectives.

In 84% of attacks on critical sectors globally, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals indicating that what the security industry historically described as basic security may be harder to achieve than portrayed.

Exploiting public-facing appl
LINK: https://uk.newsroom.ibm.com/IBM-Report-Cybercriminals-Intensify-Attack...
See more stories from ibm

Europe Stories

04/08/2024

Dalet Appoints Santiago Solanas as CEO to Lead Next Era of Growth and Innovation

Dalet, a leading technology and service provider for media-rich organizations, is excited to announce Santiago Solanas as its new Chief Executive Officer (CEO)....

03/06/2024

Dalet and Veritone Reach Agreement to Distribute, Transact and Monetize Media Archives

Dalet, a leading technology and service provider for media-rich organizations, a...

28/04/2024

Mediahaus delivers the first SRT live-streaming sports production over 5G with URSA Broadcast G2

Mediahaus delivers the first SRT live-streaming sports production over 5G with U...

13/04/2024

Lighting a Horror Scene With LEE Filters

In this video, gaffer Elena Armellini takes viewers behind the scenes as she lights a horror scene. She and her crew black-out the locations windows to give the...

13/04/2024

Blackmagic Design unveils game-changer' URSA Cine 12K

The company has also unveiled DaVinci Resolve 19, which adds new AI tools, as well as over 100 feature upgrades By Jenny Priestley Published: April 13, 2024 ...

13/04/2024

Fellowship Church Drastically Elevates Reliability and Quality With Riedel Communications

Wuppertal April 13, 2024 Fellowship Church Drastically Elevates Reliability an...

13/04/2024

ATK Versacom Excels With Riedel Communications at High-Profile Broadcast Events

Wuppertal April 13, 2024 ATK Versacom Excels With Riedel Communications at High-Profile Broadcast EventsRiedel Communications today announced that it showcase...

13/04/2024

Riedel Enhances Interstellar Technologies' Space Launch With Advanced Communication and Video Transmission Solutions

Wuppertal April 13, 2024 Riedel Enhances Interstellar Technologies Space Launc...

13/04/2024

Riedel's Simplylive Production Suite Empowers Lafayette College to Live Stream High-Quality Sports Broadcasts Simultaneously

Wuppertal April 13, 2024 Riedel's Simplylive Production Suite Empowers Laf...

13/04/2024

Riedel Expands RiCapture Ingest Solutions Portfolio With Release of i8, i44, and i84

Wuppertal April 13, 2024 Riedel Expands RiCapture Ingest Solutions Portfolio W...

13/04/2024

STRENGTHEN YOUR CONTENT PROTECTION STRATEGY BEYOND DRM: A HOLISTIC APPROACH

In todays digital age, where the consumption of media content has shifted towards streaming platforms, the importance of safeguarding digital assets against pir...

12/04/2024

Bergerac is reimagined by BlackLight TV in a brand-new series for UKTV's free streaming service UKTV Play and free-to-air channel Drama

Friday 12th April 2024 Detective Jim Bergerac will be returning to the iconic se...

12/04/2024

KAROL G Teams Up With Spotify and FC Barcelona To Release Special Matchday Shirts, Merchandise Collection, and Matchday Playlist

Spotify is once again bringing together record-breaking legends from the worlds ...

12/04/2024

MediaSilo to Offer Camera to Cloud with Atomos

MediaSilo to Offer Camera to Cloud with Atomos Integration between MediaSilo and Atomos Cloud Studio unlocking rapid transfer of content from on-set to editor...

12/04/2024

Filming in extreme conditions: Mammals production team reveal all

Producer/directors Stuart Armstrong and Will Lawson detail the specialist cameras used to capture the footage for the series Dark and Cold episodes By Matthew ...

12/04/2024

Cinedeck partners with Paramount to create MTV integrated delivery platform

Cinedecks new ConneX Hub master tool leverages Adobe Frame.io and the companys ConneX products By Matthew Corrigan Published: April 12, 2024 Cinedeck'...

12/04/2024

Nikon completes acquisition of RED

The acquisition aims to enable the development of distinctive products, while leveraging the business foundations of both Nikon and Red By Matthew Corrigan P...

12/04/2024

Alison Pavitt joins Blue Lucy

She joins joins Blue Lucy after a number of years at Pebble By Jenny Priestley Published: April 12, 2024 She joins joins Blue Lucy after a number of years...

12/04/2024

VEON management increases share ownership

12 Apr 2024 VEON management increases share ownership Amsterdam, 12 April 2024 - VEON Ltd. (NASDAQ: VEON, Euronext Amsterdam: VEON), a global digital operator ...

12/04/2024

Harmonic VOS Media Software Achieves CNF Certification on Red Hat OpenShift

SAN JOSE, Calif. - April 12, 2024 - Harmonic (NASDAQ: HLIT) today announced that the company's VOS Media Software is a validated cloud-native network funct...

12/04/2024

Fox Corporation Earns 2024 VETS Indexes 4 Star Employer Award

Fox Corporation Earns 2024 VETS Indexes 4 Star Employer Award New York, NY and Los Angeles, CA - April 12, 2024 - Fox Corporation (Nasdaq: FOXA, FOX) ( FOX o...

12/04/2024

Broadcast Industry Leaders Spearhead Investment in RUN3TV, Key NEXTGEN TV Application Platform

Broadcast Industry Leaders Spearhead Investment in RUN3TV, Key NEXTGEN TV Applic...

11/04/2024

5 Spotify Premium Hacks You Need To Know

Finding the perfect song, pod, or audiobook can be transformative, which is why we here at Spotify continuously innovate our products and features to provide th...

11/04/2024

Canadian Music Has Evolved Into a Global Export. Canada Must Evolve With It.

As the Canadian Radio-television and Telecommunications Commission (CRTC) updates the country's Broadcasting Act, it faces a fundamental question: Who count...

11/04/2024

Spotify and Substack Partner To Bring Even More Podcasts to Listeners

At Spotify, we always want to deliver more value for podcast creators and their fans. That's why we're excited to announce a new integration with Substa...

11/04/2024

Clear-Com Empowers The Kennedy Center with Seamless Communication Solutions

eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({ content_source:......

11/04/2024

Setting a new standard for storage

EditShare's new EFS NVMe storage solution allows creative professionals to deliver their 4K and 8K projects with unprecedented levels of performance and thr...

11/04/2024

It took 20 years to get here': Filmlight debuts media access tool

Nara can natively decode and playback a wide selection of media without the need to transcode to proxy files By Jenny Priestley Published: April 11, 2024 U...

11/04/2024

UK MPs call for freelancers' commissioner for creative industry

The Committee has recommended the establishment of a cross-departmental Freelancers Commissioner By Matthew Corrigan Published: April 11, 2024 Updated: Apr...

11/04/2024

Preserving TV's technological heritage

Jenny Priestley meets a group of enthusiasts who are working to preserve TV technology from across the decades, including cameras, OB trucks and telecine machin...

11/04/2024

Rise Academy announces new leadership, London Summer School to return

Andy Beale, Lisa Collins and Jackie Howes will lead the charity By Jenny Priestley Published: April 11, 2024 Andy Beale, Lisa Collins and Jackie Howes wil...

11/04/2024

Editor's choice: Ten things to look out for at 2024 NAB Show

From artificial intelligence and an autonomously AI-powered humanoid robot, to an immersive golf experience and our first proper look at Sphere, this is whats o...

11/04/2024

NEP/Bexel's Pairing of Riedel's Award-Winning Intercom Solution and Love Island USA' Is a Match Made in Heaven

Wuppertal April 11, 2024 NEP/Bexel's Pairing of Riedel's Award-Winning...

11/04/2024

Filmocentro Enhances Playout Efficiency with Harmonic's Cloud Solutions

SAN JOSE, Calif. - April 11, 2024 - Harmonic (NASDAQ: HLIT) today announced the successful implementation of its cloud-native VOS 360 Media SaaS for Chilean con...

11/04/2024

Fox Corporation Executives to Discuss Third Quarter Fiscal 2024 Financial Results Via Webcast

Fox Corporation Executives to Discuss Third Quarter Fiscal 2024 Financial Result...

11/04/2024

BLUE LUCY EXPANDS SENIOR MANAGEMENT TEAM

Blue Lucy, has hired accomplished industry expert Alison Pavitt as chief marketing officer. Pavitt's appointment into the newly created role concludes a per...

11/04/2024

2024-04-11

Today Apple announced an upcoming enhancement to existing repair processes that will enable customers and independent repair providers to utilize used Apple par...

10/04/2024

Mark Gatiss to write and star in Bookish, a brand-new detective drama for Alibi

Wednesday 10th April 2024 UKTVs catalogue of original drama continues to grow, with the commission of six-part series, Bookish (6x70) for its specialist crime d...

10/04/2024

AI and Regulation: Advocating for an Informed and Collaborative Approach

A regulator, a technologist and a politician walking into a conference room - the beginning of a very geeky joke - or more accurately, the start of the second T...

10/04/2024

Meet the New Generation of Colombian Urban Artists Making Waves

In recent years, reggaeton has become practically synonymous with Colombia. The country has infused its own sounds and a unique flow into the genre, establishin...

10/04/2024

Conoce a la nueva generacin de artistas urbanos colombianos que la estn rompiendo

En los ltimos a os, el reggaeton se ha convertido pr cticamente en un sin nimo ...

10/04/2024

VFX house UNIT moves into new London home

UNIT will now have numerous VFX suites housing Flame, Flame Assist, Nuke and Nuke Studio, while the lower ground floor will house MCR, QC and Open Studio workin...

10/04/2024

WINNER OF RT ONE'S HOME OF THE YEAR 2024 REVEALED

Marty Campbell and Shane Murray have lifted the coveted Home of the Year 2024 trophy for their renovated 1920's terrace home in Dublin. In tonight's fi...

10/04/2024

NAGRA at NAB 2024: Safeguarding premium content value from production to consumption, uncovering deep fakes, and more.

Cheseaux-sur-Lausanne, Switzerland, and Phoenix (AZ), USA - April 9, 2024 - NAGR...

10/04/2024

Harmonic Introduces State-of-the-Art In-Stream Advertising for Live Sports Streaming

SAN JOSE, Calif. - April 10, 2024 - Harmonic (NASDAQ: HLIT) today announced a gr...

10/04/2024

Dolby and Electronic Music Visionary Anyma Celebrate the Transcendent Experience of Dolby Atmos Music in Dolby's Lov...

10 April 2024, 09:00 (PDT) Dolby and Electronic Music Visionary Anyma Celebrate...

10/04/2024

Thales and Intel enable advanced protection for the Google Cloud ecosystem

Facebook Twitter LinkedIn Enables persistent protection of the most sensitive enterprise workloads in the cloud through customer-controlled data security,...

10/04/2024

Grass Valley will Showcase Innovative Live Production Solutions at NAB Show 2024

Grass Valley will Showcase Innovative Live Production Solutions at NAB Show 2024 posted: 10/04/2024 Grass Valleys LDX C150 Grass Valley will unveil its ...

10/04/2024

Rohde & Schwarz launches new era of efficient, sustainable, and smart broadcast transmission

Rohde & Schwarz launches new era of efficient, sustainable, and smart broadcast ...