In 2017, most companies have data breach preparedness on their radar. But the threat landscape is ever-evolving. Staying ahead of emerging threats and the increasing sophistication of cybercriminals requires “constant vigilance,” as Mad-Eye Moody from J.K. Rowling’s Harry Potter series was fond of saying.”Preparing for a data breach has become much more complex over the last few years,” says Michael Buemmer, vice president at Experian Data Breach Resolution. “Organizations must keep an eye on the many new and constantly

Experian says five data breach trends will dominate 2017:

  • Aftershock password breaches will expedite the death of the password.
  • Nation-state cyber-attacks will move from espionage to war.
  • Healthcare organizations will be the most targeted sector with new, sophisticated attacks emerging.
  • Criminals will focus on payment-based attacks despite the EMV shift that took place more than a year ago.
  • International data breaches will cause big headaches for multinational companies.

1. Aftershock password breaches will expedite the death of the password

Experian says that “aftershock” breaches, which it considered an emerging trend in 2016, will become more common and varied in 2017.

[ Related: Companies complacent about data breach preparedness ]

Earthquakes are often followed by a series of aftershocks, smaller magnitude earthquakes that can occur for years after the initial quake as the earth’s crust around the displaced fault plane adjusts.

Password breaches are similar, according to Experian: Attackers continue to sell old username and password information on the dark web. Since users often reuse passwords, this can lead to companies that didn’t experience a first-hand data breach becoming the target of repeat unauthorized log-ins, which in turn forces those companies to notify their users that their information is being misused.

By way of example, Experian points to the breach of 500 million Yahoo! Accounts in 2014.

“It has been reported those stolen credentials were subsequently resold and used by other criminals to compromise accounts across a wide variety of services where consumers use the same username and password,” Experian notes in the report. “This exposure of the largest-ever breach of usernames and passwords is likely to reverberate for years to come as the exposed credentials make their way through the underground economy. Companies that have never experienced a direct breach will be forced to deal with the aftershock of Yahoo!’s loss of user credentials.”


Experian predicts 2017 will see criminals expanding on the aftershock breach concept. They won’t just involve usernames and passwords; attackers will take the same approach with even more personal information, like social security numbers and medical information.

To combat this trend, Experian recommends implementing two-factor authentication to identify users. It also recommends companies account for aftershock breaches in their incident response plans.

2. Nation-state cyber-attacks will move from espionage to war

Experian predicts that cyber conflicts between nation-states will escalate from espionage to cyber-warfare in 2017.

“While the [U.S. Office of Personnel Management] breach of 2015 was clearly motivated by gaining specific intelligence, in 2017 we will see new operations made public that use cyber-attacks as an outright offensive weapon,” the report said.

Experian notes that when the issue of state-sponsored cyber-attacks came up during the recent U.S. presidential campaign, both candidates said they would favor using cyber weapons to retaliate, leading Experian to predict an escalation in cyber-attack conflict in 2017. These conflicts will tend to leave consumers and businesses as collateral damage.

“The progression of cyber-attacks driven by nation-states will undoubtedly place critical infrastructure in the crosshairs, potentially leading to widespread outages or exposed personal information that could impact millions of innocent consumers,” the report said.

Experian recommends companies address this threat by participating in their respective Information Sharing and Analysis Center (ISAC) to share cyber threat information with peers and national defense organizations. Additionally, businesses &8212; especially businesses involved in critical infrastructure — should prepare for full-on disruption. Proactive steps could involve purchasing insurance protection and shoring up security measures against large-scale disruptions.

evolving threats and address these threats in their incident response plans.”


To read this article in full or to leave a comment, please click here

Leave a Reply

Your email address will not be published. Required fields are marked *