IBM releases X-Force report on AI-accelerated attacks

IBM released the 2026 X-Force Threat Intelligence Index, which reported that AI-accelerated cyberattacks reshaped the North American threat landscape and increased pressure on Canadian organizations.

The report stated North America is now the most attacked region globally, accounting for nearly a third of incidents X-Force responded to last year, and it said regional patterns provided a clear view of risks for Canadian enterprises because of shared cloud infrastructure, interconnected supply chains, and similar attacker behaviours.

Findings documented a 44% surge in attacks that began by exploiting public-facing applications, driven by missing authentication controls and AI-enabled vulnerability discovery, and noted that vulnerability exploitation became the leading cause of cyberattacks in 2025. The index reported credential harvesting was the most common impact in North America and that infostealer malware exposed more than 300,000 ChatGPT credentials globally in 2025. The report also said adversaries are using Artificial Intelligence (AI) to compress decision cycles, scale phishing attacks, and manipulate digital identities.

The publication included industry-level measures and practical measures for Canadian organizations: manufacturing remained the most attacked industry globally in 2025 (27.7%), finance and insurance accounted for 27% of global attacks, and government and public sector organizations saw attacks driven by phishing and valid account use. The report presented recommendations to secure AI platforms with conditional access and strong identity controls, modernize authentication, continuously hunt for vulnerabilities across cloud infrastructure, map external attack surface exposure, and strengthen patching and configuration hygiene.

“Canadian organizations are facing a perfect storm: legacy systems, rapid AI adoption, and increasingly automated threats,” said Chris Sicard, Security Leader, IBM Canada.

“The speed at which attackers can now identify and exploit vulnerabilities means traditional, reactive security models are no longer enough. Organizations across Canada need to modernize authentication, secure their AI adoption, and continuously hunt for vulnerabilities before attackers do.”