Check out Keypoint Intelligence’s Cybersecurity page!
In this series, in conjunction with Agile Cybersecurity Solutions (ACS, our cybersecurity testing and consulting partner), Keypoint Intelligence investigates the many facets of cybersecurity to deliver insight and strategy. Check back here often for more free information and insights to help you navigate the potentially treacherous waters of cybersecurity.
When it comes to cyberattacks, if it seems like things are getting worse—and that’s because they are. According to the just-released X-Force Threat Intelligence Index from IBM, 2023 saw a 71% spike in cyberattacks caused by exploiting users’ identities to compromise organizations worldwide. That means cybercriminals are opting to use log-in methods to gain access to networks via valid (but stolen) authentication credentials, rather than good old-fashioned hacking. (Is there no honor anymore?)
IBM gleaned this insight by analyzing more than 150 billion security events per day from more than 130 countries. The company’s X-Force threat-management team estimates that there are billions of compromised credentials accessible on the Dark Web; exploiting those accounts is the path of least resistance into an organization. In fact, IBM notes that cybercriminals are investing many more resources in operations to obtain users’ identities. The company estimates a 266% uptick in info-stealing malware designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, and crypto wallet data. Compounding the problem, in addition to being an easier path to entry, attacks using stolen credentials are also harder to detect than traditional hacks—meaning bad actors can siphon information and wreak havoc on systems for much longer without being detected.
Keypoint Intelligence Opinion
Unfortunately, such crime pays. Crypto forensics company Chainalysis recently released data showing that ransomware payments worldwide essentially doubled—rising from an estimated $567 million in 2022 to $1.1 billion in 2023. This finding, combined with the findings in the IBM report, illustrate the importance of protecting personably identifiable information and log-in credentials. Multi-factor authentication solutions—such as those offered by Cisco Duo and Okta—are a must. Also important is end user training so that employees will more readily recognize the phishing scams and other social-engineering attacks that are becoming ever harder to distinguish from legitimate communications thanks to AI-generated content.
Browse through our Industry Reports Page (latest reports only). Log in to the InfoCenter to view research, reports, and studies on cybersecurity through our Workplace CompleteView Advisory Service. If you’re not a subscriber, contact us for more info by clicking here.
Keep Reading
The Insider’s Guide to Cybersecurity: Data Privacy Week Kicks Off with a Massive Breach
The Insider’s Guide to Cybersecurity: Digital Transformation Brings Cybersecurity Vulnerabilities
The Insider’s Guide to Cybersecurity: Cyber-Resilient Innovation
The Insider’s Guide to Cybersecurity: Emerging Trends in Cybersecurity Compliance
The Insider’s Guide to Cybersecurity: Common Cybersecurity Challenges