There has been a 71% global spike in cyber-attacks involving stolen identities according to IBM.
Its latest X-Force Threat Intelligence Index found there was a growing trend in 2023 of cyber-criminals logging into corporate networks using stolen credentials as opposed to hacking into systems.
The report is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries.
It found there was a 12% drop in ransomware attacks last year with larger organisations often refusing to pay hackers and instead choosing to rebuild their infrastructure.
“With this growing pushback likely to impact adversaries’ revenue expectations from encryption-based extortion, groups that previously specialised in ransomware were observed pivoting to infostealers,” the report noted.
IBM said that in 2023, attackers increasingly invested in operations to obtain users’ identities with a spike in malware designed to steal personal information such as email, social media and messaging app credentials as well as banking details and crypto wallet data.
The report’s authors are warning that advances in artificial intelligence could make the problem worse.
“Identity is being used against enterprises time and time again, a problem that will worsen as adversaries invest in AI to optimise the tactic,” said Charles Henderson, Global Managing Partner, IBM Consulting and Head of IBM X-Force.
Article Source – Big jump in cyber-attacks using stolen identities – IBM – RTE