7 Key Takeaways From IBM’s X-Force Threat Intelligence Index 2023

Here are some of the key takeaways from IBM’s X-Force threat intelligence index 2023.

1.   Phishing Is the Favorite Choice For Threat Actors

Phishing topped the list of infection vectors, according to IBM’s X-Force Threat Intelligence Index 2023. With 41% of cybersecurity incidents occurring due to phishing, it still remains the preferred choice for cybercriminals. Cyber Attackers have ditched the traditional phishing and are adopting spear phishing and delayed phishing to trick users.

What’s even more surprising is the fact that 62% of all those attacks used spear phishing attachments while 33% of all these incidents involved spear phishing links. Only 5% of these attacks took place due to spear phishing via service. Moreover, IBM also found that some threat actors also used a combination of these tactics.

2.   Vulnerability Exploitation Continues

IBM’s X-Force 2022 found that there is an 800% increase in the number of infections caused by vulnerability exploitation after the WannaCry incident. This year, it came at the second spot with 26% incident response cases. To give you some perspective, IBM considers vulnerability exploitation as exploitation and vulnerabilities in public facing applications.

Even though the total number of vulnerabilities exploited dipped in 2022 by 19% as compared to 2021, which rose by 34% in 2020, you can not afford to ignore it because it can come back to haunt you anytime as we have seen from incidents like Log4j.

3.   Ransomware Attacks Are Still a Big Threat

Ransomware attacks were not as frequent as they used to be in the past but neglecting them could be a mistake. According to a study conducted by IBM, the average duration of a ransomware attack declined by 94% from 2019 to 2021. It decreased from 60 days to as low as 4 days.

In addition to this, the number of ransomware attacks showed a negative trend, spiraling down from 21% in 2021 to 17% in 2022. This should not make you complacent regarding ransomware as they are becoming more dangerous and more costly.

Instead of targeting businesses, ransomware is now targeting critical infrastructure such as hospitals, power stations, education institutes and government organizations. The average cost of ransomware attacks have also jumped up to $4.62 million, which is even higher than the average cost of data breach which stood at $4.35 million.

4.   Backdoor Access Sells Like Hot Cakes On The Dark Web

Did you know that backdoor access is one of the best selling commodities on the dark web? Yes, you read that right. It is not your credit card information that you always worry about. In fact, a credit card record is sold for as low as $10 while backdoor access can fetch thousands of dollars.

Cybercriminals can hold onto backdoor access as long as they can get the best price for it. They wait until they find a buyer who is willing to pay the top dollar for backdoor access. In fact, backdoor access has overtaken ransomware attacks in 2022 with 17% of incidents.

IBM’s X-Force Threat Intelligence Index 2023 also made a shocking revelation. According to the report, 67% of all the backdoors were failed ransomware attempts where the malicious plot was foiled before the ransomware was deployed. Now, you can see the close connection between ransomware and backdoor access.

5.   Remote Credential Harvesting Is New Trick For Hackers

Credential harvesting is a serious threat that can have significant consequences for individuals and organizations alike. It is essential to stay vigilant and take proactive measures to protect your credentials and sensitive information. Credential harvesting was involved in 11% of incidents analyzed by IBM.  It can pose serious security risks and financial losses.

Some of the dangers of credential harvesting include:

1. Identity theft:

Attackers can use stolen credentials to impersonate the victim, obtain additional information, and commit identity theft.

2. Account takeover:

With stolen credentials, attackers can gain access to a victim’s accounts, steal sensitive information, or carry out unauthorized transactions.

3. Data breaches:

If attackers gain access to sensitive systems or networks, they can exfiltrate large amounts of data, including personal and financial information, leading to severe data breaches.

2.   Denial of Service Can Disrupt Your Business

Just like ransomware attacks, distributed denial of service attacks might be low on IBM’s X-Force Threat Intelligence Index but that does not mean that you should stop worrying about them. According to cybersecurity statistics, the number of DDoS attacks will surpass the 15.4 million mark in 2023.

7.   Business Email Compromise Can Not Be Taken Lightly

Last but certainly not the least is business email compromise. According to a report, business email compromise attacks increased by 81% from the first to second half of 2022. The report also found that 28% of employees have opened malicious emails and 15% of these employees even replied to those emails. Large enterprises are 63% more likely to experience BEC attacks as compared to small or midsize businesses.

Which is the most important takeaway from IBM’s X-Force threat intelligence index 2023 in your opinion? Share it with us in the comments section below.