JAKARTA - The latest report titled X-Force Threat Intelligence Index 2026 from IBM revealed a significant spike in cyber attacks throughout 2025.
IBM noted that nearly 40,000 vulnerabilities, of which more than 56% do not require authentication to be exploited. This means that attackers can penetrate the system without credentials, bypassing multi-factor authentication (MFA), even without user interaction.
In addition, there was an increase of 44% in the exploitation of public-facing applications as initial access vectors. This spike is associated with the increase in supply chain attacks targeting the development ecosystem and trusted infrastructure.
The report also highlights the increasing security risks on AI platforms. More than 300,000 ChatGPT credentials were found to be traded on the dark web throughout 2025 due to an infostealer malware infection.
While no proof of credentials posted is still valid, this pattern shows that AI platforms are now facing a risk of credential leakage equivalent to other enterprise SaaS solutions.
On the other hand, the ransomware landscape is increasingly fragmented. X-Force identified 109 active ransomware groups in 2025, up 49% from 73 groups in 2024.
Sectorally, the manufacturing industry remains the main target for five consecutive years, contributing 27.7% of the total incidents. Followed by the financial and insurance sectors at 27%.
Meanwhile, in terms of geography, North America is the region most attacked with a share of 29%, up from 24% the previous year. On the other hand, Asia Pacific experienced a decline from 34% to 27% in 2025.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
