One-Third of Cyber Attacks Use Advanced Tactics to Steal Login Credentials
According to IBM X-Force’s 2024 cybersecurity report, nearly one-third of cyber intrusions now rely on identity-based attacks, exploiting valid login credentials to breach systems.
This alarming trend, continuing for the second consecutive year, highlights a shift in threat actor strategies, moving away from traditional brute-force methods to stealthier, more persistent tactics.
Attackers are increasingly leveraging sophisticated tools, including generative AI (gen AI), to scale phishing campaigns and craft malicious code, amplifying their ability to harvest credentials through infostealer malware and credential phishing.
The report underscores a staggering 84% year-over-year increase in infostealers delivered via phishing emails, with credentials often sold in bulk on dark web marketplaces, fueling a thriving access-as-a-service criminal economy.
Rising Threat of Identity-Based Intrusions
The integration of AI into cybercriminal toolkits marks a new frontier in cyber risk, as adversaries use gen AI to create convincing phishing emails, deepfake content, and fraudulent websites.
IBM notes that while ransomware incidents have declined for the third consecutive year, constituting 28% of malware cases, the threat remains potent with a 25% surge in ransomware activity on the dark web.
Attackers are adopting cross-platform ransomware targeting both Windows and Linux environments and employing multiple extortion tactics beyond encryption, such as data theft and leaks.
Meanwhile, 25% of attacks exploit vulnerabilities in public-facing applications, with post-compromise scanning enabling lateral movement and privilege escalation within compromised networks.
The growing reliance on cloud infrastructure has further expanded attack surfaces, with threat actors abusing trusted cloud hosting services for phishing campaigns, particularly in regions like Latin America.
AI-Powered Threats and Ransomware Landscape
The report also paints a grim picture of organizational unpreparedness, noting that many lack robust cyber crisis plans despite the escalating pace of AI-assisted attacks.
Credential harvesting emerges as the top impact, affecting 28% of incidents, often leading to data theft (18% of cases) and extortion (12%).
Phishing, though declining as a direct compromise vector to 25% of incidents, remains a shadow infection mechanism, with PDFs and URLs replacing traditional malware attachments like ZIP files, which dropped by 70%.
Obfuscation tactics, such as encrypted URLs in PDFs, further complicate detection by email security solutions.
IBM warns that the proliferation of vulnerabilities, up threefold over the past eight years, and the availability of weaponized exploits for nearly a quarter of them pose significant challenges for defenders.
To combat these evolving threats, IBM urges organizations to prioritize multi-factor authentication (MFA), modernize identity strategies, and secure AI pipelines from training data to deployment.
Proactive threat detection using AI and machine learning, alongside robust incident response planning and dark web monitoring, is critical to limit exposure.
As cybercriminals continue to exploit identity sprawl and unpatched vulnerabilities, businesses must embed advanced security across AI workloads, consolidate identity solutions, and adopt zero-trust principles like network segmentation to minimize the blast radius of attacks.