Identity fraud has become a global crisis as cybercriminals exploit user identities to compromise enterprises globally.
According to IBM’s 2024 X-Force Threat Intelligence Index, the global trend is prominent in the Middle East and Africa region (MEA), with the use of valid local accounts and valid cloud accounts becoming the primary cause of cyberattacks against organisations in the area.
Read also: Banks on scam alert to check identity theft
This new attack trend slows business’s recovery time from cyberattacks due to their seemingly ‘valid’ nature. IBM X-Force revealed that cybercriminals saw more opportunities to log in than hack into corporate networks through valid accounts, making this tactic a preferred weapon for threat actors.
Saudi Arabia was the most targeted country in MEA, representing 40 percent of the overall incidents that X-Force responded to in the region. It was followed by the United Arab Emirates (UAE), which accounted for 30 percent of incidents.
The region’s most targeted sectors were finance and insurance, as well as transportation and energy. “The rising threats to user identities pose a major security risk in the region. In today’s digital landscape, where we live, work, and engage with one another online, safeguarding sensitive information demands proactive measures,” said Babacar Kane, General Manager and Technology Leader of IBM Africa Growth Markets.
Kane also disclosed that threat actors have started looking to AI to optimise their attacks, weakening AI-powered solutions.
To protect organisations against evolving cyber threats, IBM X-Force recommended implementing solutions such as network segmentation and an identity fabric to reduce potential damage from data security incidents.
“Hire hackers to stress-test your environment and identify the existing cracks that cybercriminals could exploit to gain access to your network and carry out attacks. Also having incident response plans that are customised for your environment is key to reducing the time to respond, remediate and recover from an attack,” it added.