
The country continued to be the most targeted in Latin America throughout 2023. More than half of the unauthorized accesses began with the exploitation of public applications.

IBM launched the X-Force Threat Intelligence Index 2024, highlighting an emerging global credentials crisis as cybercriminals have exploited users' valid identities to compromise companies through improper access to corporate information. Worldwide, 71% of cyberattacks were caused by the exploitation of valid credentials. According to IBM X-Force, the offensive and defensive Security Services area of IBM Consulting, in 2023 cybercriminals saw more opportunities to 'log in' through valid accounts rather than 'hack' into corporate networks. In Brazil, acquiring credentials and extracting data using legitimate tools were common and recurring actions among cybercriminals.

“The report highlights an emerging credentials crisis as cybercriminals have focused their efforts on stealing and compromising valid identities. This trend also impacts Latin America across all sectors and will likely increase as attackers invest in AI to optimize approaches,” says Fábio Mucci, Software leader at IBM Security in Brazil. “This should keep us on our toes and reinforce our credential and access control strategies, as well as push us to promote a more holistic approach to security, especially in the era of generative AI.”

The X-Force Threat Intelligence Index is based on insights and observations from monitoring more than 150 billion security events per day, across more than 130 countries and locations, including Mexico, Central America, and South America. Additionally, data were collected and analyzed from multiple IBM sources such as IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided by Red Hat Insights and Intezer, which contributed to the 2024 report.

Some relevant findings from Brazil:

>>> Brazil remains a main target. Once again, the country was the most targeted in Latin America, representing almost 68% of the incidents highlighted by X-Force in the region. X-Force continues to watch new and improved campaigns, specifically targeted at Latin America, highlighting a worrying trend of greater risk for the region in the future.

>>> At the industry level, there is a tie. The Energy and Retail sectors were the most targeted, each recording 41% of cases. Additionally, X-Force has seen an increase in campaigns leveraging malicious Chrome extensions, most of which are concentrated in financial institutions in the region. IBM has also seen increased development and activity of .NET-based banking trojans targeting customers and account holders.

>>> Attack routes. In 2023, the main vector of initial access in Brazil was the exploitation of public applications. In other words, taking advantage of weaknesses in computers or programs with Internet access represented 57% of the cases observed by X-Force. The use of phishing came in second place, totaling 29% of cases.

>>> Most observed threat trends. The most common actions in Brazil were evenly distributed between malware (ransomware), access to servers and use of legitimate tools (specifically tools for data exfiltration and credential acquisition). Regarding the impact of attacks, brand reputation implications and data leaks were the most experienced by organizations, with 25% each.

Other global findings involving Brazil and Latin America include:

>>> A global credentials crisis about to get worse. In 2023, X-Force saw attackers increasingly invest in operations to obtain user identities, with a 266% increase in information-stealing malware. This 'easy entry' by attackers is one of the most difficult tactics to detect, generating high costs in companies' response.

>>> “Basic security” may be harder to achieve than you think. Nearly 85% of critical sector attacks could have been mitigated by applying a security patch, enabling multi-factor authentication or granting fewer privileges to users. This highlights the frequent need for organizations to stress test their technology environments to assess potential exposures and develop response plans for potential incidents.

>>> The ROI of attacks against generative AI is yet to be achieved. X-Force analysis projects that when a single generative AI technology approaches 50% market share, or when the market consolidates into three or fewer technologies, this can trigger the maturity of AI as an attack surface, mobilizing more investment in new cybercriminal tools. Companies must also recognize that their existing infrastructure is a gateway to AI models, one that does not require new tactics on the part of cybercriminals, highlighting the need for a more holistic approach to security in the age of generative AI, as outlined in the IBM Framework for Securing Generative AI.

>>> Everyone is vulnerable. Red Hat Insights found that 92% of customers have at least one unaddressed known vulnerability or exposure (CVE) that can be exploited in their environment, while 80% of the top ten vulnerabilities detected across all systems in 2023 received a severity score of 'high' or 'critical'.

>>> Incorrect security settings. X-Force Red penetration testing engagements indicate that security misconfigurations accounted for 30% of total exposures identified, noting more than 140 ways attackers can exploit misconfigurations.

Additional resources:

  • Download a copy of the X-Force 2024 Threat Intelligence Index.
  • Read about the main findings of the report in this IBM Security Intelligence blog.
