IBM’s 2024 X-Force Threat Intelligence Index, which is based on watching over 150 billion security events a day across more than 130 countries, shows that cybercriminals are finding it a doddle to log in to systems with stolen details rather than cracking them.
IBM Security UK and Ireland Technical Director Martin Borrett said the report’s findings show that identity is increasingly being used against businesses, using valid accounts and nicking passwords.
“It tells us that the biggest security worry for businesses comes not from new or mysterious threats, but from old and familiar ones.”
The data reveals half of cyberattacks in the UK involved using valid accounts as the first way in, with another 25 per cent of cases using public-facing apps. Across Europe, IBM saw a 66 per cent rise in attacks caused by using valid accounts, making the region the most hit globally in 2023.
The criminal world has changed quickly, with IBM spotting a 266 per cent increase in malware that steals personal and business details, identities, bank accounts and cryptocurrency wallets.
This “easy entry” method is more challenging to spot and significantly costs businesses. According to IBM, significant incidents caused by attackers using valid accounts needed nearly 200 per cent more complicated response measures by security teams than the average incident, as defenders struggle to tell the difference between good and harmful activity.
“Dealing with cybersecurity problems needs a smart approach, focusing on the basics of security measures,” Borrett said.
“Making identity management simpler through a single Identity and Access Management provider and making old apps more secure with modern security rules are key steps in reducing risks.”
Other key UK findings from the report include malware making up 30 per cent of security incidents, with ransomware (30 per cent) and crypto-miners (20 per cent) being the top malware types. The professional, business and consumer services industry was the most targeted at 39 per cent of cases, followed by energy (30 per cent) and finance & insurance (17 per cent).
Globally, 69.6 per cent of attacks IBM responded to targeted vital infrastructure organisations, showing cybercriminals are betting on the high-value need for uptime.
In 84 per cent of these attacks, the damage could have been stopped by patching, multi-factor authentication or least-privilege rules—showing that getting “basic security” may be more complicated than it seems.
IBM suggests businesses reduce the potential damage of incidents, test their environments with skilled attack teams, develop robust incident response plans, and focus on securing the core infrastructure when using AI technologies.
As cybercriminals keep using identities, businesses must take a proactive, intelligent approach to strengthen their defences against this growing global crisis.