Cybercriminals Increase Identity Breaches in Enterprises


According to IBM's 2024 X-Force Threat Intelligence Index, cybercriminals are doubling down on exploiting user identities to compromise enterprises worldwide. In 2023, attackers increasingly chose to "log in" with valid accounts rather than hack into corporate networks, making this tactic a preferred weapon for threat actors.

In nearly 85% of attacks on critical sectors, the compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principles, indicating that what the security industry has historically described as "basic security" may be harder to achieve than portrayed. Ransomware attacks on enterprises dropped nearly 12% last year, as larger organizations opted against paying for decryption in favor of rebuilding their infrastructure. With this growing pushback likely to cut into adversaries' revenue from encryption-based extortion, groups that previously specialized in ransomware were observed pivoting to infostealers. X-Force projects that when a single generative AI technology approaches 50% market share, or when the market consolidates to three or fewer technologies, it could trigger at-scale attacks against these platforms.

"While 'security fundamentals' doesn't get as many head turns as 'AI-engineered attacks,' it remains that enterprises' biggest security problem boils down to the basic and known – not the novel and unknown," said Charles Henderson, Global Managing Partner, IBM Consulting, and Head of IBM X-Force. "Identity is being used against enterprises time and time again, a problem that will worsen as adversaries invest in AI to optimize the tactic."

Exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web today. In 2023, X-Force saw attackers increasingly invest in operations to obtain users' identities, with a 266% uptick in infostealing malware designed to harvest personally identifiable information and credentials: email, social media and messaging app logins, banking details, crypto wallet data, and more.

This "easy entry" is harder to detect and elicits a costly response from enterprises. According to X-Force, major incidents caused by attackers using valid accounts required nearly 200% more complex response measures from security teams than the average incident, because defenders must distinguish legitimate from malicious activity performed under the same user identity on the network. IBM's 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials took roughly 11 months to detect and recover from, the longest response lifecycle of any initial attack vector.
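To make that detection problem concrete, the following added example (not part of the IBM report or of this article) runs three simple heuristics for valid-account abuse over a handful of constructed authentication events: impossible travel between successive successful logins, a first login from a country never seen for that user without MFA, and a burst of failures followed by a success. The event fields, thresholds, coordinates, and the per-user country baseline are assumptions made for illustration.

```python
"""Heuristics for spotting abuse of valid accounts in authentication logs.

Added example; the events and baselines below are constructed, not real data.
"""
from datetime import datetime
from math import asin, cos, radians, sin, sqrt

MAX_PLAUSIBLE_SPEED_KMH = 900.0   # roughly airliner speed; anything faster is "impossible travel"
MIN_TRAVEL_DISTANCE_KM = 100.0    # ignore small geo-IP jitter between nearby locations
FAILURE_BURST_THRESHOLD = 5       # consecutive failures before a success that suggest guessing

# Constructed sample events (not real logs). Lat/lon are rough city centroids for the geo-IP result.
SAMPLE_EVENTS = [
    {"user": "alice", "ts": "2023-06-01T08:00:00", "ip": "203.0.113.10", "country": "US",
     "lat": 40.71, "lon": -74.01, "mfa": True, "result": "success"},
    {"user": "alice", "ts": "2023-06-01T09:30:00", "ip": "198.51.100.7", "country": "RO",
     "lat": 44.43, "lon": 26.10, "mfa": False, "result": "success"},
    {"user": "bob", "ts": "2023-06-01T10:00:00", "ip": "192.0.2.5", "country": "DE",
     "lat": 52.52, "lon": 13.40, "mfa": True, "result": "success"},
    {"user": "bob", "ts": "2023-06-01T18:00:00", "ip": "192.0.2.5", "country": "DE",
     "lat": 52.52, "lon": 13.40, "mfa": True, "result": "success"},
] + [
    {"user": "carol", "ts": f"2023-06-01T11:0{i}:00", "ip": "198.51.100.9", "country": "US",
     "lat": 37.77, "lon": -122.42, "mfa": False, "result": "failure"} for i in range(5)
] + [
    {"user": "carol", "ts": "2023-06-01T11:05:00", "ip": "198.51.100.9", "country": "US",
     "lat": 37.77, "lon": -122.42, "mfa": True, "result": "success"},
]

# Per-user baseline of countries seen in earlier successful logins (constructed).
KNOWN_COUNTRIES = {"alice": {"US"}, "bob": {"DE"}, "carol": {"US"}}


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    lat1, lon1, lat2, lon2 = map(radians, (lat1, lon1, lat2, lon2))
    a = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def analyze(events, known_countries):
    """Return a list of (user, rule, detail) findings over successful logins.

    The credentials in these events are all valid; only context gives the attacker away:
      impossible_travel           two successes too far apart for the time between them
      new_country_without_mfa     first sighting of a country for this user, and no MFA
      failure_burst_then_success  FAILURE_BURST_THRESHOLD+ failures then a success
    """
    by_user = {}
    for e in events:
        by_user.setdefault(e["user"], []).append(dict(e, ts=datetime.fromisoformat(e["ts"])))

    findings = []
    for user, evs in by_user.items():
        evs.sort(key=lambda e: e["ts"])
        last_success, failures = None, 0
        for e in evs:
            if e["result"] != "success":
                failures += 1
                continue
            if failures >= FAILURE_BURST_THRESHOLD:
                findings.append((user, "failure_burst_then_success",
                                 f"{failures} failures then success from {e['ip']}"))
            failures = 0
            if e["country"] not in known_countries.get(user, set()) and not e["mfa"]:
                findings.append((user, "new_country_without_mfa",
                                 f"{e['country']} from {e['ip']} with no MFA"))
            if last_success is not None:
                km = haversine_km(last_success["lat"], last_success["lon"], e["lat"], e["lon"])
                # floor the gap at one minute so two near-simultaneous logins do not divide by zero
                hours = max((e["ts"] - last_success["ts"]).total_seconds() / 3600, 1 / 60)
                if km >= MIN_TRAVEL_DISTANCE_KM and km / hours > MAX_PLAUSIBLE_SPEED_KMH:
                    findings.append((user, "impossible_travel",
                                     f"{km:.0f} km in {hours:.1f} h "
                                     f"({last_success['country']} -> {e['country']})"))
            last_success = e
    return findings


if __name__ == "__main__":
    for user, rule, detail in analyze(SAMPLE_EVENTS, KNOWN_COUNTRIES):
        print(f"{user:6} {rule:28} {detail}")
```

On the constructed data, alice trips both the impossible-travel and the new-country rules (New York to Bucharest in 90 minutes, no MFA), bob is clean, and carol's five failures followed by a success flag a guessing attempt that succeeded. In practice the baseline and thresholds are tuned per tenant and combined with device, ASN and session signals; the point of the example is that none of these rules looks at the password, because the password was correct.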

The wide reach of these operations into users' online activity was evident in the FBI and European law enforcement's April 2023 takedown of a global cybercrime forum that had collected the login details of more than 80 million user accounts. Identity-based threats will likely continue to grow as adversaries leverage generative AI to optimize their attacks. Already in 2023, X-Force observed over 800,000 posts about AI and GPT across Dark Web forums, reaffirming that these innovations have caught cybercriminals' attention and interest.

Worldwide, nearly 70% of attacks that X-Force responded to were against critical infrastructure organizations, an alarming finding highlighting that cybercriminals are wagering on these high-value targets' need for uptime to advance their objectives. Nearly 85% of attacks that X-Force responded to in this sector were caused by exploiting public-facing applications, phishing emails, and the use of valid accounts. The latter poses an increased risk to the sector, with DHS CISA stating that the majority of successful attacks on government agencies, critical infrastructure organizations, and state-level government bodies in 2022 involved the use of valid accounts.

X-Force assesses that once generative AI market dominance is established, where a single technology approaches 50% market share or the market consolidates to three or fewer technologies, it could trigger the maturity of AI as an attack surface and mobilize further investment in new tools by cybercriminals. Although generative AI is currently in its pre-mass-market stage, it is paramount that enterprises secure their AI models before cybercriminals scale their activity. Enterprises should also recognize that their existing infrastructure is a gateway to their AI models, one that attackers can reach without novel tactics, which highlights the need for a holistic approach to security in the age of generative AI.