LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.
According to IBM X-Force, IBM Consulting's security services arm, cybercriminals last year generated more opportunities to log in to corporate networks through valid accounts, instead of hacking into them making this tactic a preferred weapon of choice for threat actors.
The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analysed from multiple sources within IBM, including IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided from Red Hat Insights and Intezer , which contributed to the 2024 report.
An emerging identity crisis
The report data revealed that exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.
According to the report, 50% of cyberattacks in the UK involved the exploitation of valid accounts as the initial access vector' and a further 25% of cases involved the exploitation of public-facing applications. Across Europe, X-Force observed a 66% year-on-year rise in attacks caused by the use of valid accounts contributing to Europe's prevalence as the most targeted region of 2023 and the record number of attacks that X-Force has ever reported regionally.
The criminal ecosystem was also quick to adapt to the use of valid accounts by attackers. In 2023, X-Force observed a 266% increase in infostealing malware, which is designed to steal personal and enterprise credentials, personally identifiable information, and banking and crypto wallet information.
This easy entry for attackers is harder to detect, eliciting a costly response from enterprises. According to X-Force, worldwide, major incidents caused by attackers using valid accounts were linked to nearly 200% more complex response measures by security teams than the average incident with defenders needing to distinguish between legitimate and malicious user activity on the network.
In fact, IBM's 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months from detection to recovery the longest response lifecycle among all infection vectors.
Martin Borrett, Technical Director, IBM Security, UK, and Ireland (UKI) commented:
Our findings reveal that identity is increasingly being weaponised against enterprises, exploiting valid accounts and compromising credentials. It also shows us that the biggest security concern for enterprises stems not from novel or cryptic threats, but from well-known and existing ones.
Addressing cybersecurity challenges requires a strategic approach, emphasising the reinforcement of foundational security measures. Streamlining identity management through a unified Identity and Access Management (IAM) provider and strengthening legacy applications with modern security protocols are crucial steps in mitigating risks. Additionally, subjecting your system to rigorous stress tests by skilled offensive security teams proves invaluable in uncovering potential weaknesses. This insight is pivotal for crafting a robust incident response plan that engages all teams, from IT professionals to C-suite executives.
Julian David, CEO of techUK, added:
In an era marked by the growing sophistication of cybercriminals who exploit legitimate accounts to breach business defences, IBM's X-Force Threat Intelligence Index serves as a stark wake-up call.
The report underscores a troubling pattern where half of the cyberattacks in the UK rely on legitimate accounts for initial access, presenting significant challenges to businesses' recovery endeavours. To effectively combat this threat, businesses must adopt a strategic approach, integrating modern security protocols to mitigate risks and strengthen their defences against the ever-evolving landscape of cyber threats.
Further key UK findings include:
Malware made up 30% of security incidents observed in the UK.
Ransomware (30%) and cryptominers (20%) were the top malware types encountered in the country.
The impact of attacks was evenly distributed with extortion, digital currency mining and data leaks each making up 25% of total impacts in the UK.
This marks a shift from 2022, when half the cases X-Force observed in the UK involved extortion (57%) twice the global average followed by data theft (29%).
The professional, business and consumer services industry was the most targeted sector in the UK, representing 39% of cases.
Energy (30%) and finance & insurance (17%) were the second and third most targeted industries in UK, respectively.
Manufacturing was the most targeted industry in Europe, accounting for 28% of cases.
Europe overall experienced the highest percentage of incidents within the energy sector at 43%, as well as finance and insurance at 37%.
Major takeaways from the global report included:
Attacks on critical infrastructure reveal industry faux pas.
Worldwide, an alarming 69.6% of attacks that X-Force responded to were against critical infrastructure organisations, an alarming finding highlighting that cybercriminals are wagering on these high value targets' need for uptime to advance their objectives.
In 84% of attacks on critical sectors globally, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals indicating that what the security industry historically described as basic security may be harder to achieve than portrayed.
Exploiting public-facing appl
Europe Stories
11/12/2025
Dalet, a leading provider of cloud-native, end-to-end media workflow solutions, ...
28/11/2025
It's easy to ignore those little red update available badges. But when it ...
28/11/2025
Friday 28 November 2025
Sky Sports x Slawn drop limited-edition football jersey...
28/11/2025
Rohde & Schwarz shows resilience in a challenging environment, revenue exceeds t...
28/11/2025
Unwrapped: The Toy Show Appeal - airing this Sunday on RT One and RT Player- s...
27/11/2025
27 Nov 2025
GSMA brings M360 Eurasia 2026 to Samarkand in partnership with VEON...
27/11/2025
Tahar Rahim and Izuka Hoyle star in the gripping six-part Sky Original from Acad...
27/11/2025
Thursday 27 November 2025
Sky Arts Reveals the Nation's Greatest Basslines - and Queen Reign Supreme
The UK's most iconic basslines have been revealed...
27/11/2025
Rating reflects rating progress across areas including policies, diversity & inclusion, health & safety and Net Zero leadership
Winchester, UK, 27 November 202...
27/11/2025
What are the industry standards for Retail Media? Kathryn explains that certification is based on the IAB Europe Retail Media Measurement Standards and the IAB ...
27/11/2025
World champion boxer and Irish sporting icon Katie Taylor will be in studio this...
27/11/2025
Roblox, one of the world's most popular online gaming platforms for primary ...
26/11/2025
Book podcasts are booming. On Spotify, you'll find everything from celebrity book clubs to deep dives with bestselling authors. And in markets where audiobo...
26/11/2025
YouView Achieves Greenly Gold Certification for SustainabilityNov 26, 2025
YouView is proud to announce a Gold Certification award from Greenly for our perform...
25/11/2025
Tracy Bonareri Onchoke, an investigative journalist from Kenya is the winner of the Thomson Foundation's Young Journalist Award 2025.
The 26-year-old-sele...
25/11/2025
The best playlists, podcasts, and audiobooks bring a little extra magic to your daily routine. With new features and offerings, Spotify Premium delivers even mo...
25/11/2025
Comprehensive new research confirms what we already knew: Australian music fans love the quality, quantity, and access they have to new and local music on strea...
25/11/2025
Applicable Products
Objectives The purpose of this application note is to give a brief background on 5G (NR) wireless communication an explain the reason a SN...
25/11/2025
25. November 2025 Cecilia Pierron
Last week, we took part in OnDAM 2025, an educational conference fully dedicated to DAM, hosted by Activo Consulting. The ...
25/11/2025
25 Nov 2025
VEON's QazCode and MeetKai Sign Agreement to Power National LLM...
25/11/2025
UKTV has acquired a high-profile slate of US dramas from Paramount Global Conten...
25/11/2025
A symphony of genius, rivalry and vengeance, boldly reimagined from Peter Shaffe...
25/11/2025
Article courtesy of Cinematography World
Read the article
FilmLight has finalised the prestigious 2025 FilmLight Colour Awards jury and welcomed award-winning...
25/11/2025
Article courtesy of Prensario
Read the article
La serie fue dirigida por Juli n de Tavira, Rodrigo Santos, y David Leche Ruiz, con direcci n de fotograf a a...
25/11/2025
Article courtesy of The Hollywood Reporter
Read the article
The awards, celebr...
25/11/2025
Article courtesy of Televisual
Read the article
Already live in Los Angeles and rolling out in New York and London, Nara gives producers, colourists, conform ...
25/11/2025
Article courtesy of Digital Media World
Read the article
ARTONE post-house in Tokyo is the first facility in Japan to integrate Baselight M, choosing its prec...
25/11/2025
Article courtesy of The Hollywood Reporter
Read the article
Once hidden in post-production suites, the artists who make movies and TV shows look the way they ...
25/11/2025
Article courtesy of Deadline
Read the article
The Brutalist' & Bad Bunny's Nuevayol' Music Video Among 2025 FilmLight Colour Award Winners - Cam...
24/11/2025
Robyn made her long-awaited return to the stage this week, as Spotify and Acne Studios brought friends and top fans together for an unforgettable evening at the...
24/11/2025
After more than two years of redevelopment, FC Barcelona returned to its spiritual home on November 22, hosting Athletic Club in the first La Liga match at the ...
24/11/2025
24 Nov 2025
Kyivstar Launches Starlink Direct to Cell Satellite Connectivity in Ukraine Today's Launch Makes Ukraine the First Country in Europe Where Star...
24/11/2025
Ahead of the new ninth series of Dancing with the Stars, kicking off in January 2026, RT and Shinawil have announced the arrival of three new faces to the hit ...
21/11/2025
Fans have been counting down the days until the final theatrical chapter of Wicked is revealed. To celebrate the highly anticipated release of Wicked: For Good ...
21/11/2025
Last week, Spotify turned up the volume in Seoul with the return of Spotify Hous...
21/11/2025
Wiesbaden, November 21, 2025. The SGL Carbon site in Meitingen has reason to celebrate as one of its trainees received a special award. Elias Stemmer was honore...
21/11/2025
Sky Media's £2m award-winning sustainability initiative crowns its first charity as this year's standout changemakerFriday 21 November 2025
GoodGym nam...
21/11/2025
As COP30 draws to a close, the International Electrotechnical Commission (IEC), ...
20/11/2025
Your playlists are personal. They're the soundtracks to your road trips, your quiet mornings, and your biggest celebrations; collections of memories and dis...
20/11/2025
Spotify, uzun s redir zerine al t T rk m zik k lt r n n ikon haline gelmi ...
20/11/2025
For the first time, Spotify has teamed up with The Hollywood Reporter to cohost ...
20/11/2025
This year's ARIA Awards marked a turning point for Australian music, and Spotify was right at the heart of it. For the first time in the awards' nearly ...
20/11/2025
15 March 2012
SHARE Facebook Twitter Linkedin Email
Cinegy and Vericom are pleased to announce the recent deployment of Cinegy Archive for production and as...
20/11/2025
6 September 2012
SHARE Facebook Twitter Linkedin Email
FIC Turkey supplies media content to Pay TV under Fox TV Channel brands in Turkey.
At the start of s...
20/11/2025
25 June 2014
SHARE Facebook Twitter Linkedin Email
Last month VIVA finalized its Cinegy installation in order to produce and broadcast the World Cup Brazil ...
20/11/2025
1 October 2014
SHARE Facebook Twitter Linkedin Email
With 5 locations spread out around Baden-W rttemberg, Schw bisch Media required a scalable end to end s...
20/11/2025
27 April 2015
SHARE Facebook Twitter Linkedin Email
Cinegy, which develops and produces media asset management products that are used in flagship production...
20/11/2025
12 August 2015
SHARE Facebook Twitter Linkedin Email
Munich, Germany, 26 October 2015 - Cinegy, which develops and produces software technology for digital ...
20/11/2025
5 November 2015
SHARE Facebook Twitter Linkedin Email
Munich, Germany 3 November 2015 - Cinegy, which develops and produces software technology for digital ...
LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.
