Understanding the IBM X-Force Threat Intelligence Index 2024

13 June, 2024, by Tom Macartney

The more we depend on digital systems, the more critical it becomes for businesses to stay informed about the latest cybersecurity threats to protect everything they've built. The IBM X-Force Threat Intelligence Index 2024 report offers critical insights into the evolving cyberthreat landscape. It highlights a marked increase in identity-based attacks, the increasing sophistication of Kerberoasting techniques (used by hackers to exploit weak or poorly managed service account passwords), the evolving threat of infostealer malware, the potential risks of generative AI within the cybercrime context, and shifting geographic trends in attacks.

Key Findings

• The Identity Crisis: Stolen Credentials Fuelling Attacks: Exploitation of compromised credentials has superseded traditional hacking methods as the favoured initial access vector. Businesses must prioritise identity-centric security.
• Kerberoasting: A Tool of Choice: Attackers are increasingly leveraging Kerberoasting to compromise Active Directory credentials through the abuse of Kerberos tickets. This 100% increase highlights the need for advanced Active Directory security measures.
• Infostealers on the Rise: The prevalence of infostealer malware has skyrocketed by 266%, signifying that credential theft is a lucrative avenue for cybercriminals. Detecting and mitigating infostealers is essential.
• The Generative AI Threat Landscape: While the full range of security risks posed by generative AI remains to be seen, its adoption is far outpacing our understanding of the potential threats it may introduce. Security strategies must evolve to address this rapidly developing area.
• Europe Under Siege: Europe has become the most targeted region globally, experiencing a surge in ransomware and malware campaigns directed at its manufacturing sector in particular. European firms need enhanced security protocols.
• The Evolving Entry Points: Compromised credentials continue to be the most common entry point, while phishing remains a formidable threat.

Recommendations for Businesses

• Prioritise Identity-First Security: Implement robust multi-factor authentication (MFA) solutions and enforce strict password policies. Conduct frequent audits of user accounts and access privileges.
• Invest in Proactive Monitoring and Intelligence: Utilise threat intelligence platforms to gain actionable insights on emerging threats, enabling pre-emptive defence strategies.
• Optimise Incident Response: Develop comprehensive incident response plans tailored to address scenarios such as DDoS attacks, ransomware incidents, and credential breaches. This includes data recovery and business continuity procedures.
• Foster a Culture of Security Awareness: Regularly educate employees on phishing techniques, password best practices, and the importance of reporting suspicious activity.
• Partner with Cybersecurity Experts: Organisations like Madigan Solutions specialise in developing and implementing tailored security strategies aligned with the specific threat landscape outlined in the IBM X-Force report.

Contact us

The IBM X-Force Threat Intelligence Index 2024 underscores the necessity for organisations to adopt a proactive and intelligence-driven approach to cybersecurity. Madigan Solutions is ready to partner with you to safeguard your business against these escalating threats with our expertise in identity and access management. Contact us today to fortify your defences and ensure resilience for the future.