Cybercriminal Tactics Evolve: A Shift Towards Stealthier Attacks
The landscape of cybercrime has undergone a significant transformation in 2024, with attackers increasingly focusing on the targeted theft of login details. According to the IBM X-Force Threat Intelligence Index 2025, this shift marks a notable change in cybercriminal strategies. While ransomware attacks have decreased, emails containing info stealers have surged by 84 percent, indicating a preference for more subtle attack techniques.
In nearly half of all cyber attacks reported, data or login information was compromised. Organizations with critical infrastructure bore the brunt of these attacks, with 70 percent of all incidents responded to by IBM X-Force targeting these sectors. Attackers frequently exploited known vulnerabilities, highlighting the persistent issue of outdated technology and slow patch cycles within these organizations.
The IBM X-Force report reveals that in more than a quarter of the cases involving critical infrastructure, attackers leveraged known vulnerabilities to gain access. It is particularly noteworthy that cybercriminals showed a greater inclination to steal data (18 percent) than to encrypt it (11 percent). The advancement in detection technologies and stricter law enforcement measures have compelled attackers to operate more swiftly and covertly.
The Rise of Automated Attacks
In 2024, IBM X-Force observed an increase in phishing emails distributed by infostealers, a trend that has continued to escalate into 2025. The figures for early 2025 show a staggering 180 percent increase compared to 2023, likely driven by cybercriminals leveraging AI for large-scale automation. This development has made identity attacks more affordable, scalable, and profitable.
The dark web has become a thriving market for cybercriminal activities, with the five most prominent infostealers garnering over eight million advertisements in 2024. Each of these entries has the potential to contain hundreds of login credentials, underscoring the importance of dark web monitoring for early threat detection. Furthermore, attackers are not only selling stolen credentials but also offering phishing kits and services designed to circumvent multi-factor authentication, catering to a growing demand for unauthorized access.
As cybercriminals continue to adapt and evolve their tactics, organizations must remain vigilant and proactive in their cybersecurity measures. The findings from the IBM X-Force Threat Intelligence Index 2025 serve as a critical reminder of the importance of staying ahead of emerging threats in the cybersecurity landscape.
