IBM has released the 2025 X-Force Threat Intelligence Index which shows a notable shift in cybercriminal tactics. According to the report, there was an 84% increase in emails delivering infostealers in 2024, indicating a move towards more discreet identity attacks while ransomware incidents reportedly decreased.
Critical infrastructure organizations accounted for 70% of all attacks addressed by IBM X-Force, with over a quarter stemming from vulnerability exploitation. Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM, stated that cybercriminals are exploiting weaknesses in hybrid cloud environments and stressed the need for businesses to focus on proactive measures like modernizing authentication management.
The report highlights persistent challenges with legacy technology and patching cycles in critical infrastructure sectors, leaving them vulnerable to sophisticated threats. IBM X-Force found that some of the most mentioned common vulnerabilities and exposures (CVEs) on dark web forums were linked to nation-state actors.
Further findings reveal a significant increase in phishing emails leading to credential theft, driven by attackers using AI for large-scale operations. Ransomware, although still prevalent, saw a shift towards lower-risk models and identity attacks gained prominence.
Looking forward, cybersecurity experts are concerned about potential AI threats as adoption grows, and businesses are urged to secure their AI infrastructures. The report notes that Asia and North America were the most attacked regions in 2024, while manufacturing remained the most targeted industry by ransomware.
The report also highlights collaboration with Red Hat Insights, revealing that many Red Hat Enterprise Linux environments had lagged in deploying patches for critical vulnerabilities.
The full report can be accessed through IBM, along with a webinar and personalized review options.