IBM Report Finds Credential Theft Surged in 2024 as Hackers Shift to Stealthier Tactics

IBM has released its 2025 X-Force Threat Intelligence Index, revealing a significant pivot by cybercriminals toward stealthier methods, particularly large-scale credential theft. The report found that nearly half of all cyberattacks in 2024 resulted in stolen data or credentials, with phishing emails delivering infostealers rising 84% over the previous year.

Identity-based attacks outpaced ransomware in growth, with nearly one in three incidents involving credential theft. Cybercriminals increasingly targeted critical infrastructure, which accounted for 70% of IBM X-Force's incident responses, often exploiting vulnerabilities in legacy systems. Meanwhile, ransomware incidents declined overall, pressured by law enforcement crackdowns, prompting threat actors to explore lower-risk malware strategies and new botnets.

Asia Pacific experienced the highest volume of cyberattacks globally, making up 34% of cases, followed by North America at 24%. Manufacturing remained the most targeted industry for ransomware for the fourth year in a row due to its low tolerance for downtime.

The report also identified a rise in dark web markets trading compromised credentials, MFA bypass tools, and adversary-in-the-middle phishing kits. IBM X-Force warned of a growing threat landscape around AI, highlighting vulnerabilities in AI development frameworks and urging businesses to secure their AI pipelines from development to deployment.

Other findings showed that over half of Red Hat Enterprise Linux environments remained unpatched for at least one critical vulnerability, making them susceptible to Linux-based ransomware threats.

IBM will discuss the report's findings in a webinar on April 22 and encourages organizations to reassess their cybersecurity strategies with a focus on proactive identity protection and vulnerability management.