Sixty percent of cybersecurity incidents worldwide last year were identity-based intrusions, with identity targeting prominent across all attack stages, SiliconAngle reports.
Active Directory was the leading target of identity-based attacks, followed by cloud application programming interfaces, an analysis from Cisco Talos showed.
Half of all identity attacks involved ransomware, making it the leading motivator of such incidents, followed by the sale of stolen credentials, cyberespionage, and financial fraud. Moreover, multi-factor authentication failures, including the absence of MFA in virtual private networks, MFA exhaustion, and inappropriate enrollment, have been exploited by threat actors to facilitate most identity-based attacks, which have been aimed at Citrix, Microsoft, and Fortinet identity and access management systems.
Cisco Talos researchers said that, despite being mainly used for social engineering and automation in 2024, generative artificial intelligence (AI) was a mounting concern this year amid its growing adoption and sophistication, with more intrusions expected to be launched against AI systems increasingly integrated into supply chain pipelines.
