IBM X-Force cited examples of hackers using vulnerability scanners for reconnaissance and adversary simulation solutions to steal data. Credit: ArieStudio / Shutterstock.

IBM X-Force’s 2024 Threat Intelligence Index outlined how cybercriminals are advancing their tactics. X-Force, IBM’s threat intelligence research arm, taps into data from over 150 billion security events each day. Noting that hackers prefer an access path into the enterprise that is one of least resistance, IBM reported a 71% jump in 2023 from the prior year in threat actors using legitimate credentials to breach a targeted enterprise. Hackers commandeered valid credentials in 30% of all incidents the research arm responded to last year, the most common access method of any used in 2023.  During incident response engagements, X-Force found a 100% rise in “Kerberroasting,” a tactic that uses Kerberos authorisation tickets to steal Microsoft Active Directory credentials.

In 32% of incidents, bad actors used authentic tools for malevolent use. IBM X-Force cited examples of hackers using vulnerability scanners for reconnaissance and adversary simulation solutions to steal data. These were for credential theft (13%), data exfiltration (11%) and reconnaissance (6%).

Go deeper with GlobalData

Premium Insights

The gold standard of business intelligence.

Find out more

Related Company Profiles

View all

IBM X-Force reported fewer ransomware incidents in 2023, noting an 11.5% drop in incidents.  However, despite the decline in incidents cybercriminals continue to employ the tactic to extort money from enterprises.  The variants X-Force saw most often were BlackCat, CLOP, LockBit, BlackBasta, and Royal.

 X-Force said that though AI-driven threats have been flagged as a concern, IBM has not seen any evidence of an issue with the technology as a criminal tool yet. However, X-Force noted that it has seen AI and GPT referenced in more than 800,000 posts in criminal markets and dark web forums last year. Still, X-Force does not expect to see AI-related attacks in the near term, the research organization anticipates bad actors will develop tools for malicious use.

With respect to verticals, manufacturing repeated its position at the top of the most targeted industry list. Over 25% of the incidents within the top ten targeted verticals were levelled against manufacturing. 

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.