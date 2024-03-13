Identities Under Threat In 2024: What Can Your Business Do?
As cybercriminals finds ways to access victim details, firms need to invest in robust cybersecurity solution to better support their security team and join h ands with right tech ecosystem partner
In today’s world, where novel approaches to cybercrime are rapidly evolving, the biggest security threat in Asia-Pacific remains unpatched vulnerabilities.
Asia-Pacific was the third most targeted geography in 2023, accounting for 23% of incidents globally, according to IBM’s 2024 X-Force Threat Intelligence Index report.
In 2023, phishing and exploitation of public-facing applications were the most common initial access vectors observed in the region. However, X-Force has identified an emerging global trend in cyberattacks caused by exploiting user identities to access business environments, a tactic that has increased by 71% globally.
This serves as a warning sign for the region: It’s never been more critical for organisations to carefully examine their networks and user access structure to ensure they’re operating with sound security fundamentals. With malicious actors expected to invest in generative artificial intelligence to identify priority targets and devise new approaches to steal valid accounts, this problem will only get worse.
Easy Attacks, Higher Stakes
Adversaries are increasingly seeking the path of least resistance to get through organisations’ security measures. The availability of billions of compromised credentials accessible on the dark web today is making the exploitation of compromised yet still valid accounts easier than before.
By gaining access to users’ identities, attackers can simply log in to an organisation’s network, bypassing initial security checks. As these breaches utilise legitimate credentials, they are much harder to quickly identify, requiring nearly 200% more complex response measures than the average incident.
In addition to the time and effort spent by security operations centre teams, these breaches also have a huge financial impact on the business. In India, detection and escalation costs overall jumped 45% between 2020 and 2023, representing the highest portion of breach costs, according to IBM’s 2023 Cost of a Data Breach Report.
So while phishing and exploitation of public-facing applications currently remain the top causes of attacks in the country, we mustn’t overlook this global identity crisis, which might be “knocking on our door” soon. In fact, as attackers turn to generative AI as an optimisation tool, identity-based attacks will likely continue to grow in the coming years. Similar to how businesses seek to leverage generative AI to summarise and prioritise data, cybercriminals may turn to it for data distillation: putting AI to work with the troves of compromised data they’ve collected to identify the best targets for an attack.
These infection vectors—in other words, entry points into networks—have consistently helped cybercriminals target businesses in key sectors. Critical infrastructure in particular is a prime target. Globally it saw increased targeting last year, making up nearly 70% of all attacks, and the region is not an exception. Manufacturing was the most targeted industry in Asia-Pacific for the second year in a row, accounting for 46% of the cases. While in 2022, Europe saw the bulk of attacks on the transportation industry globally, in 2023, Asia-Pacific surpassed it—experiencing 63% of attacks against transportation entities.
Immediate Actions To Consider
Although these threats are expected to worsen as cybercriminals innovatively find ways to accelerate their attacks or improve their stealth, there are actions organisations can take to better safeguard their networks from identity-based attacks.
Deploy An Identity Fabric: Organisations should extend modern security and detection and response capabilities to legacy applications and systems. They can also improve their security posture by simplifying identity management through a single identity and access management provider who can help administer identity governance, manage workforce and consumer identity and access, and control privileged accounts.
Test And Stress Test: Organisations should frequently stress test environments for potential exposures and develop incident response plans for when—not if— a security breach occurs. The stress tests that X-Force conducted in 2023 for clients revealed that identification and authentication failures (e.g., weak password policies) were the second most observed security risk.
Leverage Intuitive Tools: When it comes to securing users’ access to networks, not only is it important to ensure users are who they say they are, they need to act like it too. It’s paramount in today’s environment to leverage behavioural analytics and biometrics as a form of verification. Habits, typing speed and keystrokes are just a few examples of behavioural analytics that can verify a unique user is legitimate. AI-enabled tools can help detect and block anomalous behaviours before they achieve impact.
Looking ahead, cybercriminals will continue to find ways to access victim environments—whether through exploiting valid accounts, unpatched vulnerabilities or phishing—all in the pursuit of financial gains. Enterprises need to invest in robust cybersecurity solutions to better support their security teams and join hands with the right technology ecosystem partners, so they can proactively build guardrails around their networks and infrastructure.
Pradeep Vasudevan is Country Head, Security Software, IBM India and South Asia.
The views expressed here are those of the author and do not necessarily represent the views of NDTV Profit or its editorial team.