Summary Bullets:
• For enterprising hackers, using legitimate credentials is the fastest path into the enterprise. IBM X-Force’s 2024 Threat Intelligence Index reported that bad actors commandeered valid credentials in 30% of all incidents the research arm responded to last year, the most common access method of any used in 2023.
• IBM saw an 11.5% decrease in ransomware demands, which the company attributed to increasing resistance from targeted companies to pay.

Today’s cyber threat environment remains toxic, virulent, and challenging for enterprises on the defensive. The 2024 IBM X-Force Threat Intelligence Index, sourced from the research team’s insights gained from tracking over 150 billion security threats each day, uncovered some changes in the processes and methodologies threat actors are using to mine enterprise resources for profit. Noting that hackers prefer an access path into the enterprise of one of least resistance, IBM reported a 71% jump in 2023 from the prior year in threat actors using legitimate credentials to breach a targeted enterprise. During incident response engagements, X-Force found a 100% rise in “Kerberroasting,” a tactic that uses Kerberos authorization tickets to steal Microsoft Active Directory credentials.