Major shifts in identity, ransomware, and critical infrastructure threat trends

In this Help Net Security video, Michelle Alvarez, Strategic Threat Analysis Manager at IBM X-Force, discusses the 2024 X-Force Threat Intelligence Index, revealing top threats and trends the team observed last year across its global engagements and how these shifts are forming the threat landscape in 2024 and beyond.

X-Force observed shifts toward credential-driven attacks with a 71% increase in attacks caused by using valid accounts. As cybercriminals see more opportunities to “log in” vs. hack in, phishing attacks saw a 44% decrease in volume from 2022.

X-Force observed a 12% drop in ransomware attacks on enterprises, signaling a business model shift by operators who were seen pivoting to infostealer malware (which saw a 266% surge) as businesses opt to rebuild vs. paying ransom to decrypt. Ransomware’s “pressure” to adapt is also a result of law enforcement takedowns (most recently LockBit) that continue to disrupt these operations.

Nearly 70% of attacks targeted critical infrastructure in 2023, reaffirming these sectors’ position as high-value targets to cybercriminals. About 85% of attacks on these sectors could’ve been mitigated with security fundamentals.

X-Force analysis suggests there is a lack of incentives by threat actors to invest in attacking the genAI models themselves. Per the report, when a single generative AI technology approaches 50% market share or when the market consolidates to three or fewer technologies, it will trigger at-scale attacks against these platforms that can yield ROI.