Key Takeaways from IBM’s Security X-Force Threat Intelligence Index 2023 

The IBM Security X-Force Threat Intelligence Index 2023 is built around one fundamental concept: know the threat to beat the threat.

Cybercriminals follow the money, and this report offers business leaders insightful analysis to help protect their organizations from cyberattacks. From understanding attackers’ tactics to getting actionable insights on protecting their company, we will provide you with key takeaways and proactive steps from the IBM report to keep you ahead of the threat actors.

What is the IBM Security X-Force Threat Intelligence Index?

IBM Security X-Force is a team that compiles billions of data points to provide the latest research tracking attack trends, impacts, and vulnerabilities affecting companies globally. Compiled with nearly 30 years of data, this report is full of actionable information you can use to proactively manage the security of your environment.

Key Takeaways

  1. Manufacturing was the most attacked industry in 2022, accounting for 58% of all incidents. A low tolerance for downtime makes this industry a prime target and particularly lucrative. 
  1. One of the latest tactics discovered is a disturbing trend of attackers targeting the customers and business partners of the breached organization. By bringing them into the mix, threat actors leverage the stolen data to increase pressure and psychological impact.
  1. E-mail thread hijacking attempts doubled from 2021 to 2022, with attackers using compromised e-mail accounts to reply within ongoing conversations, posing as the original participant.
  1. 2022 saw a surge in backdoor activity, which allows remote access to systems. Backdoors were deployed in one in five incidents because they can be sold at auction for $2,000 to $10,000.
  1. Time to ransom dropped a shocking 94%, from two months in 2019 to under four days in 2021, accounting for 17% of attacks. Ransomware locks down critical systems until the money is paid. This differs from extortion, which is the threat of releasing the information the attackers hold.
  1. At 27%, extortion was the most common impact on companies, with 30% of those incidents occurring in the manufacturing sector. This trend is expected to continue with threats growing more aggressive because it is highly profitable. 
  1. Extortion is evolving to include the threat actor contacting your clients and business partners to tell them that you’ve been hacked and that the attackers hold information about them, all to pressure you to pay. Attackers will likely continue experimenting with enhanced notifications to pressure the victim to pay.
  1. Phishing has been the preferred attack method since 2019, and it continues to be the #1 way into a company at 41%. Phishing attachments are used 62% of the time, followed by links a third of the time. Why? There will always be someone who will click on something they shouldn’t. It’s cheap, easy, and it works.
  1. Targeting credit card information dropped from 61% in 2021 to 29% in 2022. Personally identifiable information (PII) is more profitable.
  1. Legacy exploits are still doing the job, with 26% of exploits having known vulnerabilities. While older malware infections such as WannaCry continue to exist and spread, the percentages have dropped in recent years due to patching.

The trend shows a growing gap between the number of vulnerabilities and weaponized exploits. Two years ago, one-third of vulnerabilities were exploited. Today this has dropped to about one in four.

Prepare for the Future

Armed with insights into the threat landscape, companies must put what they have learned into practice by identifying and mitigating risks to prepare for the future.

Manage your assets
The first step in a data breach prevention strategy is inventorying your data. Identify what type of data you have and what data is critical to your business. Remove old data and regularly review and update your data inventory. 

Know your adversary
Knowing which threat groups target your industry, geographical location, and your company will help you target the best security measures.

Manage visibility
Once you’ve identified your assets and who might want to steal them, you are in the best position to develop a detection and response strategy. A managed service provider can help with strategy and execution.  

Challenge assumptions
Assume that attackers are already in your network. With this assumption, planning changes from how to keep them out to how to stop them once they’re in your system. Be proactive and take a worst-case-scenario approach.

Be prepared
Have an incident response plan ready to go and put it to the test. Simulate attacks to find gaps and educate your employees on what to do in case of an incident. All divisions of the company should be included, not just the ones involved with IT. Cybersecurity is a journey in a constantly changing environment, not a destination.

Protect your company, clients, employees, and your reputation

Cyber-attacks are becoming increasingly sophisticated and can seriously damage your company’s finances, employees, customers, and reputation. A cyber liability policy ensures that you will have immediate access to the best high-tech attorneys, forensic IT specialists, and PR firms when you need them most. And you can react with speed, which is a critical defensive strategy.

In Conclusion

The IBM Security X-Force Threat Intelligence Index 2023 stresses the importance of proactive measures to mitigate cybersecurity risks. By taking the steps outlined in the report, businesses can prepare for the future and protect their assets, clients, employees, and reputation. Additionally, protecting your company and reputation with a cyber liability policy can provide peace of mind and ensure swift action in the event of an attack. With cyber-attacks growing increasingly sophisticated, it’s crucial to stay vigilant and take the necessary steps to safeguard your organization.

For a complete copy of the IBM Security X-Force Threat Intelligence Index 2023, please go to https://www.ibm.com/reports/threat-intelligence.