IBM: Identity Attack in Middle East, Africa Heightens, Straining Enterprises’ Recovery Time
IBM, a global technology company has released its 2024 X-Force Threat Intelligence Index, highlighting an emerging global identity crisis as cybercriminals double down on exploiting user identities to compromise enterprises worldwide.
According to the report, the global trend is reflecting more in the Middle East and Africa region (MEA), with the use of valid local accounts and valid cloud accounts, making up the primary cause of cyberattacks against organisations in the region. The report therefore highlights` the need for strong user access and control strategies by enterprises.
The IBM X-Force Threat Intelligence Index, explained that in 2023, cybercriminals saw more opportunities to `log in’ versus hack into corporate networks through valid accounts, making the tactic a preferred weapon of choice for threat actors, adding that Saudi Arabia is the most targeted country in MEA, representing 40 per cent of overall incidents that X-Force responded to in the region, followed by the United Arab Emirates (UAE), which has 30 per cent of the attack.
At the industry level, the most targeted sectors in the region were finance and insurance, making up 38 per cent of incidents, followed by transportation and energy at 19 per cent each, the report said.
The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries.
Analysing the threat report across the region, General Manager and Technology Leader, IBM Africa Growth Markets, Babacar Kane, said exploiting valid accounts became the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web today.
“The use of valid local accounts (52 per cent) and valid cloud accounts (48 per cent) represented the most commonly observed initial infection vectors in cyberattacks against organisations in the Middle East and Africa region, with espionage making up the top impact.
“Globally, in 2023, X-Force saw attackers increasingly invest in operations to obtain users’ identities, with a 266 per cent uptick in infostealing malware, designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, crypto wallet data and more. The use of malware was followed by DDoS, email threat hacking, server access and the use of legitimate tools for malicious purposes, all at 17%, respectively,” Kane said.
“As threat actors start to look up to Artificial Intelligence (AI) to optimise their attacks, embracing AI-powered solutions isn’t just a choice anymore but a necessity to fortify organisations against evolving cyber threats that will scale. Partnering with the right technology provider ensures businesses remain ahead of the curve, fostering resilience and trust in their operations while propelling the region’s economic prospects,” Kane further said.
To help protect organisations against evolving cyber threats, X-Force report recommended that organisations should consider implementing solutions to reduce the damage that a data security incident could potentially cause by reducing the incident’s blast radius- namely the potential impact of an incident given the compromise of particular users, devices or data.
It also recommended stress-test in the work environment by hiring hackers to stress test the work environment and identify the existing cracks that cybercriminals could exploit to gain access to organisation’s network and carry out attacks. Also having incident response plans that are customised for your environment is key to reducing the time to respond, remediate and recover from an attack, the report further recommended.