Skip to main content

CYBERSTATS

Security Intelligence

VendorsIBM

IBM

Cybersecurity reports and statistics published by IBM

8 categories1 reports

Research Reports

Reports and publications from IBM

IBM X-Force 2025 Threat Intelligence Index

4/17/2025

Recent Statistics & Reports

60% of the top 10 vulnerabilities had been actively exploited or had a publicly available exploit from less than two weeks after disclosure to a zero day.

4/17/2025
VulnerabilitiesZero day

The number of infostealers delivered via phishing emails per week increased by 84% year-over-year.

4/17/2025
InfostealerPhishing

The global average cost of a data breach hit a record $4.88 million in 2024.

4/17/2025
Data breachData breach cost

The top initial access vector observed in 2024 was a tie between exploitation of public facing applications and use of valid account credentials, both representing 30% of X-Force incidence response engagements.

4/17/2025
Initial accessPublic facing applicationValid account credentials

Manufacturing is the #1-targeted industry by attacks for the fourth year in a row.

4/17/2025
ManufacturingCyber attack

Of all the malware cases, 28% involved ransomware, followed by backdoors and webshells, at 20% and 13% respectively.

4/17/2025
MalwareRansomwareBackdoors

Ransomware made up 28% of malware cases in 2024.

4/17/2025
RansomwareMalware

Manufacturing organisations experienced 29% of attacks involving extortion.

4/17/2025
ManufacturingExtortion

Analysis of dark web data reveals a 25% increase in ransomware activity year-over-year.

4/17/2025
RansomwareDark web

In 2024, the top impact experienced by victim organisations was credential harvesting, occurring in 28% of incidents.

4/17/2025
Credential harvesting

Manufacturing had the highest number of ransomware cases in 2024.

4/17/2025
ManufacturingRansomware

Identity-based attacks made up 30% of total intrusions for the second year in a row.

4/17/2025
Identity securityIdentity-based attacks

Manufacturing organisations experienced 24% of attacks involving data theft.

4/17/2025
ManufacturingData theft

The share of successful phishing compromises has declined steadily from 46% in 2022 to 29% in 2023 to now just 25% of all incidents remediated by X-Force in 2024.

4/17/2025
Phishing

The number of vulnerabilities has increased rapidly over the past eight years and grown threefold.

4/17/2025
Vulnerabilities

25% of attacks exploit public-facing applications.

4/17/2025
Public-facing applicationCyber attack

30% of the incidents X-Force responded to in 2024 involved the exploitation of public-facing applications.

4/17/2025
Public-facing application

Nearly one in three attacks observed by X-Force used valid accounts.

4/17/2025
Valid accountsCyber attack

Early data from 2025 suggests an even greater increase of 180% of weekly infostealer volume compared to 2023.

4/17/2025
Infostealer

The deployment of malware was the most observed action on objectives, making up 42% of cases.

4/17/2025
Malware

Showing 1-20 of 34 results

Top Categories

Ransomware
7
Malware
6
Vulnerabilities
4
Infostealer
4
Manufacturing
4
Dark web
4
Phishing
3
Cyber attack
3

Related Vendors

SpyCloud
7 stats
pwc
4 stats
KnowBe4
12 stats
Black Kite
7 stats
Cisco
6 stats
IBM
4 stats