IBM: Cyber Crime Is Increasingly Integrated, Infostealer Soars 180 Percent

Illustration of infostealer (photo: Proton)

JAKARTA - IBM has just released the X-Force Threat Intelligence Index 2025 which shows that cybercriminals continue to shift to more covert tactics.

In 2024, IBM X-Force recorded an increase in email shipments containing infostealer (or information theft techniques) by 84 percent compared to the previous year.

In fact, data in early 2025 showed a further surge of 180 percent compared to 2023. This spike was partly caused by the use of AI by perpetrators to make phishing emails on a large scale.

In addition, the report also found that last year, 70 percent of the attacks handled by IBM X-Force targeted critical infrastructure sectors in the organization, and more than a quarter were due to security loopholes exploited by hackers.

IBM is also seen where many cybercriminals choose to steal data (18%) rather than encrypt it (11%), as detection technology is increasingly sophisticated and the increasing law enforcement efforts are encouraging hackers to move faster to escape.

Cybercriminals often enter without damaging anything they take advantage of the identity loopholes of a complex hybrid cloud environment, which provides them with many access points, explains Mark Hughes, Global Managing Partner for Cybersecurity Services in IBM.

While there has been a spike in credential theft, IBM sees that ransomware attacks still dominate 28 percent of malware cases by 2024, but overall, ransomware incidents have declined.

Therefore, Hughes appealed to businesses to stop relying on ad-hoc prevention, which is reactive, unstructured, and is only carried out when problems arise.

He invites businesses to start focusing on proactive measures such as modernizing authentication systems, closing multi-factor authentication (MFA) gaps, and doing real-time threat hunting to find hidden threats, before sensitive data is exposed.