These findings are part of the IBM Security X-Force Threat Intelligence Index 2023 report. The report offers a comprehensive analysis of the cyberattacks that IBM Security studied between January and December 2022. It offers key insights for the tech industry, policymakers, researchers, and the media. According to the IBM Security team, thread hijacking attacks doubled last year. This is a phishing attack where a threat actor uses a compromised corporate email account to send malicious links and attachments in email threads. On a positive note, IBM noted a decline in the number of known exploits for last year’s vulnerabilities. “Twenty-six percent of 2022’s vulnerabilities had known exploits,” the report states. “According to data that X-Force has tracked since the early 1990s, that proportion has been dropping in recent years, showcasing the benefit of a well-maintained patch management process,” it adds.
Attackers Value Personal Information Over Credit Card Data
The researchers’ analysis of phishing kits revealed that threat actors are not seeking credit card information as much as they did in previous years. They noted that only 29% of phishing kits were designed to steal card data, compared to 61% in the year before. Instead, the attackers prioritize personally identifiable information (PII). “Almost every phishing kit analyzed in the data sought to gather names at 98% and email addresses at 73%, followed by home addresses at 66% and passwords at 58%,” the report reads. “Lower instances of phishing kits seeking credit card data indicate that phishers are prioritizing personally identifiable information (PII), which allows them broader and more nefarious options. PII can either be gathered and sold on the dark web or other forums or used to conduct further operations against targets,” it adds. Furthermore, the average phishing campaign observed in 2022 lasted longer and targeted more people than in prior years. IBM Security said the lifespan of observed phishing kits is doubling year over year.
Attempt to Extort Victim Organizations
IBM Security also studied the impact of cyberattacks on victim organizations. The researchers found that in 21% of the incidents, the threat actors attempted to extort their victims. Cybercriminals often relied on ransomware and business email compromise (BEC) to extort victims. They also used other malware, such as remote access tools, crypto miners, web shells, downloaders, and backdoors. Furthermore, malicious actors targeted organizations in the manufacturing sector the most (30%). Data theft was the second biggest impact (19%) on victim organizations. We recommend reading through the complete report for more details. If you run a small business, check out our office cybersecurity tips for some valuable information on how to protect your company online.
