Sony Pixel Power calrec Sony

IBM Report: Cybercriminals Intensify Attacks on User Identities in the UK, Complicating Recovery Efforts for Enterprises

21/02/2024

LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.

According to IBM X-Force, IBM Consulting's security services arm, cybercriminals last year generated more opportunities to log in to corporate networks through valid accounts, instead of hacking into them making this tactic a preferred weapon of choice for threat actors.

The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analysed from multiple sources within IBM, including IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided from Red Hat Insights and Intezer , which contributed to the 2024 report.

An emerging identity crisis

The report data revealed that exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.

According to the report, 50% of cyberattacks in the UK involved the exploitation of valid accounts as the initial access vector' and a further 25% of cases involved the exploitation of public-facing applications. Across Europe, X-Force observed a 66% year-on-year rise in attacks caused by the use of valid accounts contributing to Europe's prevalence as the most targeted region of 2023 and the record number of attacks that X-Force has ever reported regionally.

The criminal ecosystem was also quick to adapt to the use of valid accounts by attackers. In 2023, X-Force observed a 266% increase in infostealing malware, which is designed to steal personal and enterprise credentials, personally identifiable information, and banking and crypto wallet information.

This easy entry for attackers is harder to detect, eliciting a costly response from enterprises. According to X-Force, worldwide, major incidents caused by attackers using valid accounts were linked to nearly 200% more complex response measures by security teams than the average incident with defenders needing to distinguish between legitimate and malicious user activity on the network.

In fact, IBM's 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months from detection to recovery the longest response lifecycle among all infection vectors.

Martin Borrett, Technical Director, IBM Security, UK, and Ireland (UKI) commented:

Our findings reveal that identity is increasingly being weaponised against enterprises, exploiting valid accounts and compromising credentials. It also shows us that the biggest security concern for enterprises stems not from novel or cryptic threats, but from well-known and existing ones.

Addressing cybersecurity challenges requires a strategic approach, emphasising the reinforcement of foundational security measures. Streamlining identity management through a unified Identity and Access Management (IAM) provider and strengthening legacy applications with modern security protocols are crucial steps in mitigating risks. Additionally, subjecting your system to rigorous stress tests by skilled offensive security teams proves invaluable in uncovering potential weaknesses. This insight is pivotal for crafting a robust incident response plan that engages all teams, from IT professionals to C-suite executives.

Julian David, CEO of techUK, added:

In an era marked by the growing sophistication of cybercriminals who exploit legitimate accounts to breach business defences, IBM's X-Force Threat Intelligence Index serves as a stark wake-up call.

The report underscores a troubling pattern where half of the cyberattacks in the UK rely on legitimate accounts for initial access, presenting significant challenges to businesses' recovery endeavours. To effectively combat this threat, businesses must adopt a strategic approach, integrating modern security protocols to mitigate risks and strengthen their defences against the ever-evolving landscape of cyber threats.

Further key UK findings include:

Malware made up 30% of security incidents observed in the UK.

Ransomware (30%) and cryptominers (20%) were the top malware types encountered in the country.

The impact of attacks was evenly distributed with extortion, digital currency mining and data leaks each making up 25% of total impacts in the UK.

This marks a shift from 2022, when half the cases X-Force observed in the UK involved extortion (57%) twice the global average followed by data theft (29%).

The professional, business and consumer services industry was the most targeted sector in the UK, representing 39% of cases.

Energy (30%) and finance & insurance (17%) were the second and third most targeted industries in UK, respectively.

Manufacturing was the most targeted industry in Europe, accounting for 28% of cases.

Europe overall experienced the highest percentage of incidents within the energy sector at 43%, as well as finance and insurance at 37%.

Major takeaways from the global report included:

Attacks on critical infrastructure reveal industry faux pas.

Worldwide, an alarming 69.6% of attacks that X-Force responded to were against critical infrastructure organisations, an alarming finding highlighting that cybercriminals are wagering on these high value targets' need for uptime to advance their objectives.

In 84% of attacks on critical sectors globally, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals indicating that what the security industry historically described as basic security may be harder to achieve than portrayed.

Exploiting public-facing appl
LINK: https://uk.newsroom.ibm.com/IBM-Report-Cybercriminals-Intensify-Attack...
See more stories from ibm

Europe Stories

05/01/2027

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be demoed at CES 2026

Worlds first 802.15.4ab-UWB chip verified by Calterah and Rohde & Schwarz to be ...

06/09/2026

Dolby and MagentaTV Bring Fans Closer to the FIFA World Cup 2026 in Germany with Dolby Vision and Dolby Atmos

June 9 2026, 23:00 (PDT) Dolby and MagentaTV Bring Fans Closer to the FIFA Worl...

04/08/2026

Dalet Announces Commercial Availability of Dalia, Bringing Media-Aware Agentic AI to Enterprise Productions

Dalet, a leading technology and service provider for media-rich organizations, t...

04/07/2026

Detective Conan: Fallen Angel of the Highway Opens in Dolby Cinemas Across Japan, Presented in Dolby Atmos and Dolby ...

April 7 2026, 19:00 (PDT) Detective Conan: Fallen Angel of the Highway Opens in...

02/07/2026

The Crow Hill Company introduce Brackish Pads

Stammering, stuttering, strangulated tones The Crow Hill Company's latest creation promises to be the most original sound set they've produced to d...

02/07/2026

Steinberg SpectraLayers 13 now available

A new era in unmixing and spectral editing The latest version of Steinberg's spectral audio-editing software has just arrived, building on the strength...

02/07/2026

Sine Machine from Melatonin

Aims to simplify additive synthesis Sine Machine is the debut launch from Melatonin, a Vienna-based developer who have spent the past six years creating wha...

02/07/2026

iZotope acquired by Boris FX

Products to remain fully active & supported Following the news of Native Instruments joining the inMusic brand line-up, Academy and Emmy Award-winning visua...

02/07/2026

GearExpo UK 2026

What you missed! Last weekend, Saturday 27 June 2026, saw the debut of Sound On Sounds new GearExpo UK event, the largest dedicated pro-audio event to take ...

02/07/2026

Tea with Judi Dench returns to Sky Arts with legendary guest, Sir Ian McKellen

Thursday 2 July 2026 Tea with Judi Dench returns to Sky Arts with legendary guest, Sir Ian McKellen Sky today confirms Tea with Judi Dench will return this su...

01/07/2026

Tracktion unleash Waveform 14 DAW

New AI Assistant, Multi-channel Audio, ARA2 improvements & more Tracktion's DAW software has just received its latest major update, gaining a selection ...

01/07/2026

The Crow Hill Company release Brackish Pads

Stammering, stuttering, strangulated tones The Crow Hill Company's latest creation promises to be the most original sound set they've produced to d...

01/07/2026

Sweetwater & Andertons launch Darkglass Anagram Limited Edition Guitar Essentials

Exclusive run of limited-edition modelling pedals Sweetwater and Andertons M...

01/07/2026

** MEDIA ALERT ** BLEACH Comes to Life in Los Angeles with First-of-Its-Kind Artist Gallery Experience During Anime Expo Week

** MEDIA ALERT ** BLEACH Comes to Life in Los Angeles with First-of-Its-Kind...

01/07/2026

UKTV appoints Matt Berry as General Manager to lead brand and marketing strategy

UKTV has today announced the appointment of Matt Berry to the newly created role of General Manager - Marketing, effective 1 July. Matt will take on this senio...

01/07/2026

Fussy asks Britain one simple question: Are you a Tosser?

Sky Zero Footprint Fund-backed TV campaign featuring Deborah Meaden challenges consumers to rethink everyday bathroom wasteWednesday 1 July 2026 Fussy asks Bri...

01/07/2026

New Sky research reveals postcode lottery leaving girls behind in sport

Constituency-level analysis reveals where girls miss out most on sport - and where targeted action could unlock more than £640 million in economic and health be...

01/07/2026

Riedel and SKAARHOJ Expand Collaboration With SimplyLive Integration

Wuppertal July 1, 2026 Riedel and SKAARHOJ Expand Collaboration With SimplyLive IntegrationRiedel Communications today announced an expanded collaboration wit...

01/07/2026

Apple Creator Studio gets smarter, faster, and more connected - UPDATE - Posted on 30 June 2026

Apple today introduced power-packed updates to Apple Creator Studio, a groundbre...

01/07/2026

Nectar360 becomes first UK Retail Media Network to achieve IAB Europe Certification following independent ABC audit

Nectar360, the Retail Media, Loyalty and Insights business of the Sainsburys Gro...

01/07/2026

FIFA World Cup delivers strong audiences across all RT platforms

9.2 million streams on RT Player between 11 and 28 June Reach of 2.9 million viewers during Group stages of FIFA World Cup on RT 2 23 million video views acr...

30/06/2026

Entries open for Thomson's Young Journalist Award 2026

Could your journalism reach an international stage? Entries are now open for the Thomson Foundation's Young Journalist Award 2026, one of the most prestigi...

30/06/2026

UJAM release Retrocraft multi-effects

Brings together saturation & lo-fi effects Following on from the release of their Voxcraft vocal-processing plug-in, UJAM have announced the launch of Retro...

30/06/2026

Zensphere v2 from Rapid Flow

New IR reverb engine, Juno-inspired chorus & more The latest version of Rapid Flow's hardware-emulation synth plug-in expands on its predecessor with a ...

30/06/2026

Shy Audio release Shy 90s Smack

Excels at heavy-handed VCA compression For their latest release, Shy Audio have recreated the crunchy' sound of a rackmount compressor that found its w...

30/06/2026

Apple raise Mac & iPad prices

Component scarcity drives cost increases Shortly after Apple's CEO Tim Cook acknowledged that cost increases would soon be inevitable , the company hav...

30/06/2026

The First Hitachi Cash Recycling Devices in the EU Were Deployed at Bank Pekao S.A.

Hitachi and Bank Pekao S.A. have completed the installation of the first Hitachi...

30/06/2026

Clear-Com Upgrades Communication Systems for Jeopardy! and Wheel of Fortune

eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({ content_source:......

29/06/2026

Evolve Dark Matter from Excite Audio

Four-layer instrument aimed at dark electronic music Excite Audio's latest software instrument has been designed with dark drum and bass, atmospheric te...

29/06/2026

Tracktion unleashes Waveform 14 DAW

New AI Assistant, Multi-channel Audio, ARA2 improvements & more Tracktion's DAW software has just received its latest major update, gaining a selection ...

29/06/2026

Focusrite publish 2026 Sustainability Report

Details environmental policies & results The Focusrite Group have just announced that following a long audit process, they have published their 2026 sustain...

29/06/2026

Arvato Systems Achieves AWS Cloud Operations Competency

Arvato Systems Achieves AWS Cloud Operations Competency The team behind the AWS Cloud Operations Competency (from left to right: Philipp Hellmich, Johanna Bod...

29/06/2026

Ger Gilroy to join RT to present a Daily Sports Podcast

RT today announced that Ger Gilroy will join the RT Podcasts team to present a daily sports podcast. Launching later this year, the new show will set the spor...

29/06/2026

OUTsurance announced as sponsors of Oliver Callan on RT Radio 1

RT Commercial announced OUTsurance as sponsor of the Oliver Callan show on RT Radio 1 from Wednesday 1 July. Oliver Callan doubles the fun, delivering two ...

28/06/2026

Softube unveil lower cost Console 1 Compact

Half-size model joins Console 1 line-up Shortly after the release of their new Flow Studio controller, Softube have announced the launch of another new surf...

28/06/2026

EVE Audio introduce EVE Origin

New EXO Series DSP control software announced EVE Audio's EXO Series monitor range has just gained a new software element that provides remote access to...

27/06/2026

UJAM release Retrocraft

Brings together saturation & lo-fi effects Following on from the release of their Voxcraft vocal-processing plug-in, UJAM have announced the launch of Retro...

26/06/2026

David Kuckhermann brings calabash to Celemony Tonalic

Virtual session musician plug-in gains new percussion options Celemony's latest update for their virtual session musician platform complements the exist...

26/06/2026

Softube unveil the Console 1 Compact

Half-size model joins Console 1 line-up Shortly after the release of their new Flow Studio controller, Softube have announced the launch of another new surf...

26/06/2026

ELT Group and Rohde & Schwarz sign a cooperation agreement to explore commercial opportunities in electromagnetic warfare and defense

ELT Group and Rohde & Schwarz sign a cooperation agreement to explore commercial...

26/06/2026

Prison Wives of TikTok is Locked In for U and U&W

Flicker Productions to produce five-part docu-reality series following women who have fallen for men in prison and have become TikTok sensations, with brands an...

26/06/2026

Automating post-production workflows with Baselight, Daylight, Nara & FilmLight API. New York. 8 July 2026

Catch up on the latest developments across Baselight and Daylight v7, Nara and F...

26/06/2026

DFT installs second Polar HQ at China News Film Confirming Position as China's Leading 8K Film Preservation Partner

26. June 2026 News DFT is pleased to announce that a second Polar HQ film s...

26/06/2026

New documentary Freedom Founder: Thomas McKean and the American Revolution comes to RT

A fresh look at how the Irish helped shape the foundations of the United States ...

25/06/2026

Music Production for Women announce Soundlab 2026

Six free workshops across two days Global music education platform Music Production for Women (MPW), have just announced a brand new and highly anticipated ...

25/06/2026

CIOKS launch the DC7 v2

Popular pedalboard PSU gets an upgrade The DC7 v2 is a new and improved version of the renowned effects pedal PSU from CIOKS, and is said to be the thinnest...

25/06/2026

Rev Ocean reverb from Arturia

Optimised for lush, enveloping sounds Described as an instantly rewarding reverb , the latest addition to Arturia's range of creative effects plug-ins ...

25/06/2026

Just 48 hours until GearExpo UK!

27 June 2026, Westminster University Harrow Campus GearExpo UK is now upon us, with just two days to go until 150 of the worlds top pro-audio brands and ind...