IBM Threat Index: Identity Crisis & Ransomware Risks

Key Points

  • The 2024 IBM X‑Force Threat Intelligence Index reports a 71% year‑over‑year rise in attacks that use valid credentials, making compromised accounts the top entry point for cyber‑criminals and accounting for roughly 30% of all incidents.
  • Ransomware groups are pivoting to a “leaner” model: ransomware attacks on enterprises dropped about 12%, while “info‑stealer” malware surged 266% as attackers move toward data‑theft rather than extortion.
  • Despite heavy discussion of generative AI on dark‑web forums (over 800 k posts in 2023), the AI attack surface and tooling remain immature, limiting the current return on investment for AI‑focused cybercrime.
  • IBM recommends deploying a product‑agnostic identity fabric with MFA, strong password policies, and unified identity management to eliminate silos and curb credential‑harvesting attacks.
  • Additional safeguards include dark‑web monitoring for exposed credentials, securing AI pipelines with existing guardrails, and adopting a DevSecOps approach with encrypted connections to prevent session hijacking.

**Source:** [https://www.youtube.com/watch?v=2G-zu2Rw1QI](https://www.youtube.com/watch?v=2G-zu2Rw1QI)
**Duration:** 00:04:09

## Sections

- [00:00:00](https://www.youtube.com/watch?v=2G-zu2Rw1QI&t=0s) **Credential Abuse, Ransomware Pivot, AI Outlook** - The episode summarizes IBM X‑Force’s 2023 Threat Intelligence Index, revealing a 71% rise in credential‑based attacks, a shift from ransomware to info‑stealing malware, and currently low profitability for cyber‑criminals targeting AI systems.

## Full Transcript

[0:00] Findings from the latest Threat Intelligence Index report and recommendations you should take to secure your organization against threats, all on this episode of IBM Tech Now.

[0:13] [Music]

[0:14] The annual IBM X-Force Threat Intelligence Index shines a light on the biggest cyber risks that organizations face today, with data collected over the past year. When looking at the top trends from this year's report, we can see that a global identity crisis is emerging. In fact, there was a 71% increase year-to-year in attacks using valid credentials. This means that abusing valid accounts became a preferred entry point into victim environments for cyber criminals in 2023, representing 30% of all incidents X-Force responded to.

[0:45] This of course corresponds with the second main trend that was observed, where ransomware groups are pivoting to a leaner business model. X-Force observed a nearly 12% drop in ransomware attacks on enterprises as larger organizations opt against paying and decrypting in favor of rebuilding. This means a 266% upsurge in info-stealing malware, as groups that previously specialized in ransomware were observed moving towards info stealers.

[1:15] The third trend observed by X-Force was that the ROI from cyber criminals attacking AI just isn't there yet. While discussions on AI and GPT dominate dark web forums, with X-Force observing over 800,000 relevant posts in 2023, analysis suggests the AI attack surface and tools are not yet mature. Now, when a single generative AI technology approaches 50% market share, or when the market consolidates to three or less technologies at scale, attacks against these platforms become likely. So we'll see what next year's report has to say.

[1:51] So what can you and your organization do to protect against the threats covered in the Threat Intelligence Index? Luckily, X-Force has six main recommendations and solutions to help.

[2:02] First, remove identity silos. Prevent cyber criminals from logging in by properly deploying a product-agnostic identity fabric that can extend modern security capabilities. You should also simplify identity management through a single IAM provider and streamline the undertaking with identity and security experts.

[2:23] Second, reduce the risk of credential harvesting. You should be hardening your credential management practices by implementing MFA and strong password policies, routinely providing employee education, and extending your team with AI and automation.

[2:38] Third, know your dark web exposure. Employ dark web capabilities that find at-risk credentials and session keys, check your executives' digital identities, and scan social networks and channels related to your sector.

[2:50] Fourth, establish secure AI and models. Securing AI is broader than AI itself. Organizations can leverage existing guardrails to help secure the AI pipeline.

[3:03] Fifth, implement a DevSecOps approach to planning and testing. You can limit the possibility of session hijacking by implementing a DevSecOps approach that includes using secured encrypted connections, implementing session timeouts and prompts for reauthentication, and engaging in penetration testing services.

[3:21] And sixth, reduce the impact of an incident by implementing a least privileged framework, providing identity and network segmentation, and implementing data security and protection solutions.

[3:33] That's a whole lot of information that I covered in the last 3 minutes, but I assure you there's even more great stuff in the IBM X-Force Threat Intelligence Index. Click the link in the description of this video to download the report.

[3:47] Thanks so much for joining me today for this episode of IBM Tech Now. If you're interested in learning more about the topics I've covered, make sure you explore the links in the description of this video, and again, please don't forget to subscribe to our channel to stay up to date on what's going on in tech now.

[4:02] [Music]