Cybercrime Surges as Identity-Based Attacks Become the Norm, IBM Finds
On Earth Day, while volunteers plant trees and clean beaches, IBM offers a sobering reminder: it’s not just the planet that needs protecting. According to the newly released 2025 IBM X-Force Threat Intelligence Index, cybercriminals are waging a parallel war, not on nature, but on networks. Credential theft has surged, phishing has become AI-fueled, and attacks on critical infrastructure are escalating globally. As we reflect on environmental sustainability, IBM’s report urges businesses and individuals alike to think about digital sustainability, where protecting identities and systems is as vital as protecting air and water.
Cybercriminals are ditching flashy ransomware schemes for stealthy credential theft. In 2024, credential-based attacks were the top tactic, accounting for nearly one-third of intrusions. This surpassed traditional malware use. IBM’s experts warn that cyber threats have gone from smash-and-grab to silent-and-sneaky.
Key Takeaways from the IBM Report
- Credential theft spiked, with 84% more infostealers spread through phishing emails.
- Asia Pacific suffered the most, seeing 34% of all attacks globally.
- Critical infrastructure was hardest hit, with 70% of incidents targeting utilities, manufacturing, and healthcare.
- Ransomware dropped, but threats diversified with stealthier tactics and AI integration.
- Top attack vector? Valid credentials. Essentially, criminals logging in with stolen usernames and passwords.
Attack Tactics: Quiet, Coordinated, and Credential-Fueled
Gone are the days of high-profile data breaches. Hackers now favor stealth. In 2024, credential theft occurred in 29% of all cyberattacks. Infostealers like Lumma and AgentTesla soared in use. They harvested login info that’s sold on dark web forums.
These malware tools don’t just infect systems. They quietly extract data while avoiding detection. IBM warns this “log in, not break in” method is not only more effective but also much harder to trace.
Critical Infrastructure in the Crosshairs
The manufacturing sector retained its spot as the most attacked industry for the fourth year in a row. Critical infrastructure, including utilities, transport, and healthcare, made up 70% of X-Force’s responses.
Slow patching cycles and reliance on legacy systems left these sectors vulnerable. One in four attacks involved exploits of known public-facing application flaws. Many of these were linked to nation-state hackers.
AI Joins the Cybercriminal Toolbox
Cyber adversaries are increasingly turning to AI to supercharge phishing attacks. Deepfakes, fake websites, and sophisticated spam are now AI-generated. These help attackers target victims with chilling accuracy.
Moreover, the adoption of generative AI by businesses opens up new vulnerabilities. IBM warns only 24% of gen AI projects are currently secured. That leaves many enterprises exposed.
Global Hotspots: Where the Hackers Struck Most
- Asia-Pacific: 34% of attacks, the highest globally.
- North America: 24%, led by manufacturing and finance.
- Europe: 23%, with high credential theft and data leaks.
Dark Web Marketplace Fuels Growth
IBM notes an expanding dark web economy. Criminals now purchase credentials, phishing kits, and malware like consumers buying software subscriptions. This “Cybercrime-as-a-Service” model makes hacking accessible to less skilled operators.
Final Thought: Everything’s Going UP
In honor of Earth Day, a good-natured take: If IBM’s cybersecurity report had a one-word summary, it would be ‘UP. ‘ Attacks are up, stealth is up, and credential theft is way up. And in classic headline fashion, here’s your lede:
“Cybercrime Skyrockets. IBM Says Hackers Don’t Break In Anymore. They Just Log In”
