{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreiap23yg6qftv5vwvqirgkm2i7r2czdfmxzp4vru4yqde4mzjkxxse",
"uri": "at://did:plc:qzjwstutqk2cy7df7jbzd2hx/app.bsky.feed.post/3mfpjrxrtmfr2"
},
"coverImage": {
"$type": "blob",
"ref": {
"$link": "bafkreicmywh2cteumm2lpoubphxvypuojwen5e7ukijrah2m5vr4ygozby"
},
"mimeType": "image/jpeg",
"size": 11674616
},
"path": "/article/4137368/ibm-x-force-ai-creates-security-challenges-but-basic-system-flaws-are-more-problematic.html",
"publishedAt": "2026-02-25T19:12:44.000Z",
"site": "https://www.networkworld.com",
"tags": [
"Artificial Intelligence, Network Security, Security",
"2026 X-Force Threat Intelligence Index",
"IBM X-Force"
],
"textContent": "AI tools allow attackers to identify and exploit enterprise security weaknesses faster than ever, but most network invaders still rely on unpatched vulnerabilities, credential theft, and misconfigurations to wreak havoc on corporate resources, according to IBM.\n\nThe vendor today released the 2026 X-Force Threat Intelligence Index, which analyzes data from incident response engagements, the dark web, and other threat intelligence sources to uncover attack trends and patterns.\n\nIBM X-Force reports that cybercriminals are exploiting basic security gaps at dramatically higher rates, accelerated by AI tools that help attackers identify weaknesses faster than ever. “IBM X‑Force observed a 44% increase in attacks that began with the exploitation of public-facing applications, largely driven by missing authentication controls and AI-enabled vulnerability discovery,” IBM stated.\n\nHowever, “it’s important to acknowledge AI has not changed the fundamentals of cyberattack campaigns. Attackers still rely on unpatched vulnerabilities, valid credentials and misconfigurations to accomplish their goals. What AI has changed is the speed, scale and efficiency of these attacks, which serve to make rapid detection and decisive response more important than ever,” states the X-Force report.\n\nIBM X-Force identified systemic weaknesses in access control, credential management, and software configuration. Among the findings:\n\n * A high occurrence of exploiting incorrectly configured access control security levels suggests misconfigurations remain a primary entry point for attackers, indicating persistent gaps in governance and enforcement of security policies.\n * The prominence of password brute forcing and scanning for vulnerable software reflects widespread exposure due to weak authentication practices and insufficient vulnerability management.\n * Patterns such as privilege escalation and session hijacking demonstrate once attackers gain a foothold, they are able to move laterally and maintain persistence, amplifying the impact of initial breaches.\n\n\n\nCollectively, these trends indicate organizations face compounded risks from both preventable technical flaws and operational oversights, according to the X-Force report. It underscores the need for stronger configuration controls, proactive vulnerability management and secure development practices to mitigate recurring exploitation paths.\n\nAs for the impact of AI, X-Force reports the technology is no longer an emerging concept in cybersecurity: “It’s a force multiplier actively used by both defenders and adversaries. Threat actors are already applying generative AI to scale phishing operations, accelerate malicious code development and enhance social engineering through improved language quality and realism. At the same time, defenders are using AI-driven analytics to process vast volumes of telemetry, identify anomalous behavior and shorten detection and response timelines.”\n\n“Adversaries increasingly use AI to accelerate research, analyze large data sets and iterate on attack paths in real time, allowing them to adjust tactics as conditions change rather than relying on static, preplanned actions,” the X-Force report states. “This operational flexibility increases dwell-time risk and places greater strain on security teams that depend on fixed rules, signatures or delayed analysis to detect malicious activity.”\n\nAs multimodal AI models mature, X-Force states that it expects adversaries to automate complex tasks like reconnaissance and advanced ransomware attacks, driving faster-moving, more adaptive threats.\n\nSome other pertinent findings include:\n\n * X-Force identified a nearly 4x increase in large supply chain or third-party compromises since 2020, mainly driven by attackers exploiting trust relationships and CI/CD automation across development workflows and SaaS integrations. With AI-powered coding tools accelerating software creation, and occasionally introducing unvetted code, the pressure on pipelines and open‑source ecosystems is expected to grow in 2026.\n * Active ransomware and extortion groups surged (49%) year over year, marking ecosystem fragmentation, while publicly disclosed victim counts rose roughly 12%.\n * Vulnerability exploitation became the leading cause of attacks, accounting for 40% of incidents observed by X-Force in 2025.\n * Compromised chatbot credentials create AI-specific risks beyond simple account access. Attackers can manipulate outputs, exfiltrate sensitive data or inject malicious prompts.\n * Attackers are using AI to speed research, analyze large data sets and iterate on attack paths in real time.\n * Agentic AI has introduced new risks, and amplified others. Security leaders need a comprehensive AI governance solution to scale AI with trust and transparency.\n\n\n\n“Protecting identities has always posed a challenge. It’s about to get harder. As attackers fine-tune their credential‑driven operations, IT and security leaders must turn to AI to help them gain visibility into identity-based risks and threats across their IT landscape,” the X-Force report states. “By combining AI-powered identity threat detection and response (ITDR) and identity security posture management (ISPM) services and solutions, organizations can move more quickly and efficiently to identify vulnerabilities and prevent attacks from happening.”",
"title": "IBM X-Force: AI creates security challenges, but basic system flaws are more problematic"
}