IBM: Europe was the world’s most targeted region for cyberattacks in 2023

Cyberattacks hit Europe more than any other region in 2023, according to new research from IBM.

The continent accounted for a whopping 32% of incidents analysed by the tech giant. That pushes it past last year’s biggest target, Asia-Pacific, which drops from first to third with 23%. North America jumps into second place with 26% of all cases.

Across the globe, the biggest technical shift was the growing abuse of user identities. Attacks harnessing valid credentials surged by 71% year-over-year. For the first time, they became the most common entry point into victim environments — alongside phishing. IBM also discovered a 266% increase in the use of infostealing malware, which can unlock the gates to accounts.

These trends have a simple explanation. With billions of compromised identities on the Dark Web, it’s easier to acquire credentials than to exploit vulnerabilities or execute phishing campaigns. Searching for the path of least resistance, attackers are moving from “hacking in” to “logging in.”

“Cybercriminals will look to pivot as needed and find the easiest opportunity and the best ROI — they will chase the money,” Martin Borrett, Technical Director for IBM Security UK&I, told TNW.

The symptoms of cyberattacks

Within Europe, the UK was home to a hefty 27% of attacks — almost double that of any other country in the continent. Germany (15%) narrowly took second place ahead of Denmark with 14% — a striking proportion for a nation of under 6 million people.

Portugal’s 11% was another eye-catching number per capita. The larger countries of Italy and France each attracted 8% of the continent’s total.

Collectively, these nations made Europe a hotbed of cyberattacks.

To explain the continent’s growing attraction to hackers, IBM pointed to several factors. One is Europe becoming the leading region for ransomware attacks. Another is its high use of cloud platforms. This could create a larger attack surface — particularly if criminals obtain valid cloud accounts. 

To mitigate the dangers, IBM made four key recommendations to enterprises: reduce the blast radius, adopt AI securely, stress-test your environments, and — of course — have a plan.