Image: IBM/Gorodenkoff Productions OU
The IBM X-Force report warned that more cybercriminals are using stolen credentials to attack their victims, while critical infrastructure attacks are on the rise.
Cybercriminals continue to evolve their tactics and their targets, as Europe faced the majority of cyberattacks last year.
That’s according to a new report by IBM’s X-Force, which claimed that 32pc of all global cyberattacks occurred in Europe in 2023. This region also experienced the most ransomware attacks, with 26pc of these attacks taking place in the region.
This marks a change from 2022 and 2021, which saw the Asia-Pacific region hold the top spot as the most impacted region, followed by Europe. The UK was the most attacked country in Europe last year, accounting for 27pc of cases according to X-Force.
The organisation’s ThreatIntelligence Index 2024 is based on observations from monitoring more than 150bn security events each day in more than 130 countries.
The report claimed that a global identity crisis is brewing, as more cybercriminals are using stolen credentials to log in to victim networks using compromised accounts – instead of having to hack into a network. There was a 71pc increase last year in the number of cyberattacks that used stolen or compromised credentials, suggesting this is becoming a preferred method for many threat actors. Attacks that use this method are trickier to detect and can be more costly for enterprises, requiring more complex response measures by security teams than average cybersecurity incidents.
Critical infrastructure remains a key target
The report also found that the number of cyberattacks on critical infrastructure grew substantially last year, representing 70pc of the total attacks that X-Force responded to in 2023. This suggests that cybercriminals are wagering on high-value targets and their need to stay online.
Critical infrastructure has been a prime target for cyberattacks for years, but the latest report suggests many organisations in critical sectors are not keeping their security ready for this challenge.
The X-Force report claims that in nearly 85pc of attacks on critical sectors, compromises could have been mitigated with patching, multifactor authentication or by using “least-privilege principals”.
Earlier this month, a coalition of US intelligence agencies claimed that Volt Typhoon, a group of hackers allegedly backed by China, has had access to critical US infrastructure for at least five years.
Ransomware declines while an AI threat looms
Meanwhile, the report claims that ransomware attacks on enterprises dropped by nearly 12pc in 2023, which X-Force attributed to larger organisations opting to rebuild their infrastructure instead of paying ransoms for decryption keys.
The report claimed cybercriminal groups that previously specialised in ransomware were observed pivoting to become infostealers – which use malware to steal sensitive information such as log-in credentials and personal data.
The report also warned about the risk generative AI could present to global cybersecurity efforts – a threat that has been highlighted by experts for the past couple of years.
But rather than generative AI being used by cybercriminals for attacks, the X-Force report warns that the generative AI market could become a new attack surface once the market is established.
X-Force claimed that generative AI is in its pre-mass market stage, but that once a single technology approaches 50pc market share or the market consolidates to three or less technologies, cyberattackers will scale up their activity in this sector.
Find out how emerging tech trends are transforming tomorrow with our new podcast, Future Human: The Series. Listen now on Spotify, on Apple or wherever you get your podcasts.
