IBM has released its 2025 X-Force Threat Intelligence Index, revealing a shift in cybercriminal tactics. The report indicates a decline in ransomware attacks on enterprises but highlights a significant rise in stealthier, lower-profile credential theft.

IBM X-Force observed an 84% increase in emails delivering infostealers in 2024, compared to the previous year, as attackers increasingly exploit identity gaps in complex cloud environments. Mark Hughes, Global Managing Partner of Cybersecurity Services at IBM, stated, "Businesses need to shift away from an ad-hoc prevention mindset and focus on proactive measures."

The report found that critical infrastructure organizations were involved in 70% of all attacks, with vulnerability exploitation accounting for more than one-quarter of these incidents. Hughes emphasized the necessity for improved authentication management and real-time threat hunting.

According to IBM X-Force, attackers are opting for data theft (18%) over data encryption (11%), reflecting increased pressures from advanced detection technologies and law enforcement. Nearly one in three incidents in 2024 resulted in credential theft.

Ransomware incidents, while still composing a large share of malware cases, have decreased overall as the focus shifts to identity attacks. IBM X-Force also noted significant changes in ransomware operations, with some groups shutting down or changing their malware strategies.

Emerging threats to AI technologies were highlighted, with a focus on securing AI pipelines. Asia and North America faced the most cyberattacks in 2024, accounting for nearly 60% of all attacks globally.

Manufacturing remained the most attacked industry for the fourth year, primarily due to its low tolerance for downtime. Linux systems were also a target, with findings showing many Red Hat Enterprise Linux environments lacking critical patches.

The report encourages companies to download the full Index and participate in the upcoming webinar for further insights.

For more detailed findings, IBM has also published a blog covering the top insights from the report.