Sixty percent of cybersecurity incidents around the world last year were identity-based intrusions, with identity targeting being prominent across all attack stages, SiliconAngle reports.
Active Directory was the leading target of identity-based attacks, followed by cloud application programming interfaces, an analysis from Cisco Talos showed. Half of all identity attacks involved ransomware, making it the leading motivator of such incidents, followed by the sale of stolen credentials, cyberespionage, and financial fraud. Moreover, multi-factor authentication failures, including the absence of MFA in virtual private networks, MFA exhaustion, and inappropriate enrollment, have been exploited by threat actors to facilitate most identity-based attacks, which have been aimed at Citrix, Microsoft, and Fortinet identity and access management systems. Despite being mainly used for social engineering and automation in 2024, generative artificial intelligence was regarded by Cisco Talos researchers to be a mounting concern this year amid its growing adoption and sophistication, with more intrusions expected to be launched against AI systems increasingly integrated to supply chain pipelines.
