In a recent report by X-Force, it was predicted that the increasing dominance of AI technologies in the market will lead attackers to invest in attack toolkits targeting AI models and solutions. The report highlighted the rapid growth of AI integration in companies, with 72% of businesses now incorporating AI into at least one business function, a significant increase from the previous year.
As new technologies like gen AI emerge, they create new vulnerabilities that security researchers are racing to identify and address before attackers exploit them. Vulnerabilities in AI frameworks are expected to become more prevalent over time, with recent discoveries of active attack campaigns targeting widely used open source AI frameworks in sectors such as education, cryptocurrency, and biopharma. These weaknesses in AI technology present opportunities for attackers to exploit.
X-Force also revealed several key findings from their research:
1. Legacy technology and slow patching cycles continue to pose challenges for critical infrastructure organizations. Cybercriminals took advantage of vulnerabilities in over a quarter of incidents responded to by IBM X-Force last year, with some of the top vulnerabilities linked to sophisticated threat actor groups, including nation-state adversaries.
2. Ransomware attacks are on the rise, with a 25% increase in activity year-over-year. Ransomware threat groups are adopting a cross-platform approach, targeting both Windows and Linux systems to expand their attack surfaces. While ransomware incidents have declined in recent years, they still account for nearly a third of malware incident response cases.
3. Despite an overall decrease in phishing attacks, IBM observed an 84% spike in phishing emails delivering infostealers in 2024. This trend continued into early 2025, with a 180% increase in phishing emails delivering infostealers. Stolen credentials from these attacks can be used in identity-based attacks.
4. Endpoint detection and response solutions have become more effective at detecting backdoor intrusion attempts via phishing. As a result, threat actors have shifted to using phishing as a secondary vector to deliver infostealer malware. In 2024, there was an 84% increase in infostealers delivered via phishing.
5. Collaboration with Red Hat Insights revealed that over half of Red Hat Enterprise Linux customers had at least one critical vulnerability unaddressed, with 18% facing five or more vulnerabilities. Additionally, the most active ransomware families are now targeting both Windows and Linux systems.
6. The manufacturing industry remained the most targeted sector for the fourth consecutive year, experiencing the highest number of ransomware cases. Encryption continues to be a critical investment for this sector due to its low tolerance for downtime.
Overall, the threat landscape is evolving rapidly, with attackers increasingly targeting AI technologies, exploiting vulnerabilities in AI frameworks, and utilizing multiple tactics like ransomware and phishing attacks to compromise organizations. It is essential for businesses to stay vigilant, update their security measures, and collaborate with experts to mitigate these growing cybersecurity risks.