IBM X-Force Report: 30% of Cyberattacks Are Based on Compromised Identities
The latest IBM X-Force Threat Intelligence Index 2025 report reveals a significant shift in cybercriminal tactics, with an increasing focus on credential theft over ransomware attacks. In 2024, there was an 84% rise in emails distributing infostealer malware, designed to silently and efficiently extract access credentials.
This shift has resulted in nearly one in three cybersecurity incidents in 2024 involving the use of stolen credentials, enabling unauthorized access without the need to exploit technical vulnerabilities.
Critical Infrastructures in the Crosshairs
Organizations in critical infrastructure represented 70% of the attacks handled by IBM X-Force in 2024. More than a quarter of these incidents were due to the exploitation of known vulnerabilities, many of which were available on dark web forums and linked to advanced threat groups, including state actors.
Most Affected Regions
Asia-Pacific and North America accounted for nearly 60% of global attacks, with 34% and 24% respectively. Notably, the Asia-Pacific region experienced a 13% increase in attacks compared to the previous year, highlighting its growing exposure to cyber threats.
IBM’s Recommendations for Strengthening Cybersecurity
IBM suggests that organizations adopt the following measures to mitigate these risks:
- Implement Multi-Factor Authentication (MFA): Prioritize the use of MFA for all employees and partners accessing critical systems.
- Modernize Identity Management: Develop adaptive strategies that align with changing operational and security requirements.
- Reduce IT and Security Complexity: Invest in tools that simplify identity management and enhance threat response.
Conclusion
The cyber threat landscape is evolving towards stealthier methods centered around identity exploitation. Organizations must proactively adapt by strengthening their authentication and monitoring strategies to protect against these emerging tactics.
For more information, visit IBM