LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.
According to IBM X-Force, IBM Consulting's security services arm, cybercriminals last year generated more opportunities to log in to corporate networks through valid accounts, instead of hacking into them making this tactic a preferred weapon of choice for threat actors.
The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analysed from multiple sources within IBM, including IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided from Red Hat Insights and Intezer , which contributed to the 2024 report.
An emerging identity crisis
The report data revealed that exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web.
According to the report, 50% of cyberattacks in the UK involved the exploitation of valid accounts as the initial access vector' and a further 25% of cases involved the exploitation of public-facing applications. Across Europe, X-Force observed a 66% year-on-year rise in attacks caused by the use of valid accounts contributing to Europe's prevalence as the most targeted region of 2023 and the record number of attacks that X-Force has ever reported regionally.
The criminal ecosystem was also quick to adapt to the use of valid accounts by attackers. In 2023, X-Force observed a 266% increase in infostealing malware, which is designed to steal personal and enterprise credentials, personally identifiable information, and banking and crypto wallet information.
This easy entry for attackers is harder to detect, eliciting a costly response from enterprises. According to X-Force, worldwide, major incidents caused by attackers using valid accounts were linked to nearly 200% more complex response measures by security teams than the average incident with defenders needing to distinguish between legitimate and malicious user activity on the network.
In fact, IBM's 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months from detection to recovery the longest response lifecycle among all infection vectors.
Martin Borrett, Technical Director, IBM Security, UK, and Ireland (UKI) commented:
Our findings reveal that identity is increasingly being weaponised against enterprises, exploiting valid accounts and compromising credentials. It also shows us that the biggest security concern for enterprises stems not from novel or cryptic threats, but from well-known and existing ones.
Addressing cybersecurity challenges requires a strategic approach, emphasising the reinforcement of foundational security measures. Streamlining identity management through a unified Identity and Access Management (IAM) provider and strengthening legacy applications with modern security protocols are crucial steps in mitigating risks. Additionally, subjecting your system to rigorous stress tests by skilled offensive security teams proves invaluable in uncovering potential weaknesses. This insight is pivotal for crafting a robust incident response plan that engages all teams, from IT professionals to C-suite executives.
Julian David, CEO of techUK, added:
In an era marked by the growing sophistication of cybercriminals who exploit legitimate accounts to breach business defences, IBM's X-Force Threat Intelligence Index serves as a stark wake-up call.
The report underscores a troubling pattern where half of the cyberattacks in the UK rely on legitimate accounts for initial access, presenting significant challenges to businesses' recovery endeavours. To effectively combat this threat, businesses must adopt a strategic approach, integrating modern security protocols to mitigate risks and strengthen their defences against the ever-evolving landscape of cyber threats.
Further key UK findings include:
Malware made up 30% of security incidents observed in the UK.
Ransomware (30%) and cryptominers (20%) were the top malware types encountered in the country.
The impact of attacks was evenly distributed with extortion, digital currency mining and data leaks each making up 25% of total impacts in the UK.
This marks a shift from 2022, when half the cases X-Force observed in the UK involved extortion (57%) twice the global average followed by data theft (29%).
The professional, business and consumer services industry was the most targeted sector in the UK, representing 39% of cases.
Energy (30%) and finance & insurance (17%) were the second and third most targeted industries in UK, respectively.
Manufacturing was the most targeted industry in Europe, accounting for 28% of cases.
Europe overall experienced the highest percentage of incidents within the energy sector at 43%, as well as finance and insurance at 37%.
Major takeaways from the global report included:
Attacks on critical infrastructure reveal industry faux pas.
Worldwide, an alarming 69.6% of attacks that X-Force responded to were against critical infrastructure organisations, an alarming finding highlighting that cybercriminals are wagering on these high value targets' need for uptime to advance their objectives.
In 84% of attacks on critical sectors globally, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals indicating that what the security industry historically described as basic security may be harder to achieve than portrayed.
Exploiting public-facing appl
Most recent headlines
09/11/2025
Dalet today announced a transformative leap forward for media operations: Agentic Artificial Intelligence (AI) that unifies the Dalet ecosystem under one natura...
16/10/2025
SVG Sit-Down: FUJIFILM Execs on GFX ETERNA 55 Camera, Importance of Shallow-Dept...
16/10/2025
Squash's Most Ambitious Broadcast Production To Be Deployed at Comcast Busin...
16/10/2025
Main Street Sports Group Inks Deal With Omaha Productions, Launches Original-Con...
16/10/2025
A Historic Precursor? FIFA, HBS, DAZN Offer an Inside Look at Production of FIFA...
16/10/2025
Prime Video Offers Sneak Peak at New NBA on Prime StudioThe massive 13,000-sq-ft, two-story studio features a LED regulation half court and hoopBy Jason Dachman...
16/10/2025
SVG Remote Production Forum Draws Record Crowd for Visit to PGA TOUR Studios, De...
16/10/2025
BitFire's Ben Grafchik on How Growing Cloud Workflows Are Impacting the Live...
16/10/2025
AI technology is advancing quickly, bringing both new creative possibilities and...
16/10/2025
In 2017, Imani Ellis launched CultureCon, a conference that's become a must-attend event for more than 10,000 diverse creatives and Black professionals to c...
16/10/2025
It might still be a little early to break out the tinsel and mistletoe, but Spotify's already queuing up some holiday magic. This year's Spotify Singles...
16/10/2025
Earlier this year, our in-house publishing imprint, Spotify Audiobooks, put out ...
16/10/2025
VAMPIRE has been integrated onto GM Defenses Infantry Squad Vehicle (ISV), providing a mobile solution to effectively and affordably counter small drone threat...
16/10/2025
The AgilePod mounted on the host aircraft....
16/10/2025
60% say infotainment systems are a critical purchasing or leasing consideration,...
16/10/2025
NEW YORK The Broadcasters Foundation of America has launched its 2025 Year-End Giving Campaign, which seeks to raise donations from tax-deductible personal and ...
16/10/2025
Roku has added several new features to its user interface and operating system meant to make it easier to discover and personalize content, the company said....
16/10/2025
NEW YORK CNN has announced that its All Access subscription tier will launch in the U.S. on Oct. 28, providing audiences with a centralized destination for CNN&...
16/10/2025
Student Spotlight: Alan Villanueva The graduate student and saxophonist, who performed on Natalia Lafourcades Latin Grammy-nominated Live at Carnegie Hall alb...
16/10/2025
The XR Sports Alliance (XRSA) has announced the third cohort of members. The new members include Maple Leafs Sports & Entertainment (MLSE), the Vegas Golden Kni...
16/10/2025
NEW YORK The Broadcasters Foundation of America has launched its 2025 Year-End Giving Campaign which seeks to raise donations from tax-deductible personal and c...
16/10/2025
NEW YORK Australia's Nine Network and the NHL today announced a media partnership that will bring the world's premier professional ice hockey league to ...
16/10/2025
Parks Associates has released new data showing that nearly half (45%) of U.S. internet homes watch free ad-supported streaming TV (FAST) services and 89% of U.S...
16/10/2025
TROY, Mich. -New data from J.D. Power's 2025 U.S. Residential Internet Service Provider Study shows that residential wireless internet providers are growing...
16/10/2025
TV's most charming detective drama * Shakespeare & Hathaway: Private Investi...
16/10/2025
Back to All News
Thailand's Legendary Outlaw Returns: Tee Yai: Born to be ...
16/10/2025
Back to All News
Christmas Is Just Around The Corner: Home For Christmas Season...
16/10/2025
Back to All News
Trist n Ulloa Stars in El crimen de Pazos, the New Netflix Ser...
16/10/2025
ABS Completes Redomiciliation to Dubai Development Authority as Part of Strategi...
16/10/2025
This Saturday October 18 Katja Mia will burst onto the radio airwaves for the first time as she joins 2FM. Katja will be standing in for Bl thnaid Treacy on Sat...
16/10/2025
This October, RT is delighted to support Wexford Festival Opera, Babor International Arts Festival for Children, Open House Dublin and 36 other arts and cultu...
16/10/2025
GeForce NOW is more than just a platform to stream fresh games every week - it offers celebrations for the gamers who make it epic, with member rewards to sweet...
15/10/2025
Across the world, early-career reporters are interrogating systems that shape daily life, from mortuaries and classrooms to the corridors of legal education and...
15/10/2025
St. Louis Blues Pay Tribute to Ozzy Osbourne in New Pregame Open VideoThe NHL franchise worked with production firms 2WEI and 4th Floor CreativeBy Mark J Burns,...
15/10/2025
Cobalt Digital, G3DVu, Proxima Vision, and Telos Alliance Renew Premier Sponsors...
15/10/2025
By Paige Bethmann
Before my grandmother passed away in 2019, I went to visit her in the hospital where she'd been for a few weeks. When I arrived, the nurs...
15/10/2025
Two years ago, Spotify set out to grow the entire publishing industry by making ...
15/10/2025
People turn to DJ for a listening experience that feels personal, dynamic, and j...
15/10/2025
Las personas recurren a DJ para vivir una experiencia de escucha personal, din m...
15/10/2025
Rock legend Bruce Springsteen and luminary actor Jeremy Allen White came togethe...
15/10/2025
At Spotify, we're all about supporting rising talent and helping them connec...
15/10/2025
New SBS Documentary Series THE CANCER KILLERS Premieres 4 November on SBS & SBS ...
15/10/2025
SBS celebrates the Festivals of Lights with bold, illuminating stories across th...
15/10/2025
One of humanity's most profound questions continues: Is there any place in our galaxy suitable for life beyond Earth? NASA intends to find out, with the hel...
15/10/2025
eds3_5_jq(document).ready(function($) { $(#eds_sliderM519).chameleonSlider_2_1({ content_source:......
15/10/2025
Scality, a global leader in cyber-resilient storage software for the AI era, today announced the advancement of its comprehensive AI ecosystem certification pro...
15/10/2025
The Hollywood Professional Association (HPA) today unveiled key highlights of the 2026 HPA Tech Retreat, scheduled for Feb. 15 19 at the Westin Rancho Mirage Go...
15/10/2025
At NAB Show New York 2025 (Stand 244), Interra Systems will showcase the future of media QC, monitoring, and captioning, highlighting its award-winning, AI- and...
15/10/2025
Grass Valley today announced that RMC BFM, part of the CMA-CGM Group and France's third-largest private media group, has chosen Grass Valley's productio...
LONDON, UK, Feb 21, 2024 IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global crisis as cybercriminals double down on exploiting user identities to compromise enterprises.
