Know the threat to beat the threat
Cyberattacks are more prevalent, creative and faster than ever. So understanding attackers’ tactics is crucial. The IBM Security® X-Force® Threat Intelligence Index 2023 offers CISOs, security teams and business leaders actionable insights to help you understand how threat actors are waging attacks, and how to proactively protect your organization.
Unlocked: Backdoors fuel ransomware
Backdoor deployments, which enable remote access to systems, were the most common type of attacker action that X-Force incident responders handled. The silver lining: 67% of backdoor cases were failed ransomware attacks as defenders were able to disrupt the backdoor before ransomware was deployed.
Of incidents saw backdoors deployed
Of attacks in 2022 were ransomware
Of attacks were business email compromise
Understand an attacker’s view of known and unknown risks
Taking an attacker’s view of both known and unknown risks can help organizations adopt preventive measures before incidents happen.
Victims felt the pressure in 27% of attacks
Whether ransomware, business email compromise (BEC) or distributed denial of service (DDoS), 27% of attacks were extortion related. When attackers see a weakness, they exploit it. Recognizing the industry's low tolerance for downtime, cybercriminals focused more extortion attempts on manufacturing than any other industry.
Prepare and respond faster
Get recommendations to help you stay ahead of threats.
Phishing: Top way attackers gained access
For the second year in a row, phishing was the leading infection vector, identified in 41% of incidents. More than half of phishing attacks used spear phishing attachments. X-Force also observed a 100% increase in thread hijacking attempts per month—where an attacker impersonates someone and uses existing email conversations for nefarious purposes.
Of attacks used phishing
Of attacks exploited public-facing apps
Of attacks abused valid accounts
Only 26% of new vulnerabilities had known exploits
The proportion of vulnerabilities with a known exploit declined 10 percentage points over the last few years. However, cybercriminals already have access to more than 78,000 known exploits. This access made it easier to exploit older, unpatched vulnerabilities, highlighting the need for a well-defined vulnerability management strategy, including better understanding your attack surface and risk-based prioritization of patches.
You need to analyze multiple factors
Identify, prioritize and remediate the vulnerabilities that matter most.
Fast ransomware attacks demand faster responses
While there was a slight decline in ransomware attacks, an X-Force study found that the time to execute attacks dropped 94% over the last few years. What took months now takes attackers mere days. With attackers moving faster, organizations must take a proactive, threat-driven approach to cybersecurity.
2019 ransomware deployment time
2020 ransomware deployment time
2021 ransomware deployment time