COSTA MESA, CALIF. -- While tried and true tactics like phishing and malware are here to stay, there are always new approaches to watch out for in the cybersecurity space. Experian’s 11th annual Data Breach Industry Forecast includes six predictions for 2024 that focus a global lens on what savvy moves cybercriminals from near and far will potentially make to penetrate organizations and reap rewards.

While 2023 was a “successful” year for bad actors, we may see the following emerge to shake up the cyber landscape even more this year:

· Six Degrees of Separation: There’s no question third-party data breaches have made headlines. With increased data collection, storage and movement there are plenty of partners down the supply chain that could be targeted. We predict attacks on systems four, five or six degrees from the original source as vendors outsource data and technology solutions who outsource to another expert and so on.
· Little by Little Becomes A lot: When trying to achieve a goal, it’s said that taking small steps can lead to big results. Hackers could apply that same rule. Instead of making drastic moves and trying to reap instant reward such as with ransomware, bad actors may just manipulate or alter the tiniest bits of data to stay under the radar such as changing a currency rate or adjusting the coordinates for transportation, which can have a major impact.
· Not a Third Wheel: It’s widely known who the major players are globally that sponsor attacks and a new country in South Asia may join the international stage with their large population of engineers and programmers. While reportedly having been in the game focusing cyberattacks regionally due to political tensions, this country may broaden their sights in the future.
· No, not Mother Earth!: Plutonium, terbium, silicon wafers — these rare earth materials that are the building blocks for today’s hardware are rapidly becoming the most sought-after resources on the planet. Any disruption to an already strained supply chain could send the industry (and the economy that relies on these materials) spinning. This presents an intriguing opportunity for hackers looking to create disruption, or nation-states wanting to corner a market or disrupt an enemy’s economy.
· The Scarface Effect: Like drug cartels, cybergangs are forming sophisticated organizations as joining like-minded actors can be incredibly advantageous. This spans globally with countries potentially helping each other to advance common goals and interests. We’ll see more hackers for trade, crews looking to expand their monopolies, and cyberwarfare alliances.
· Winning from the Inside: In 2024, we may see enterprising threat actors target more publicly traded companies to gain insights to cheat the stock market or plan their attacks and sell their stash before value nosedives. Rather than breach an organization and play in the underground with stolen data, threat actors could leverage data extraction and their talents in plain sight as everyday investors.

“Cybercriminals are continually working smarter not harder,” said Michael Bruemmer, vice president, Global Data Breach Resolution at Experian. “They are leveraging new technologies like artificial intelligence and applying their talents in different ways to be more strategic and stay a step ahead. Organizations should not ignore even the slightest security abnormalities and be more aware of what global interests may make them a target.”

To access the complimentary report, visit https://ex.pn/2024databreachindustryforecast.

“Today, perpetrators can come from anywhere in the world and bring with them robust resources and expertise,” added Jim Steven, Head of Crisis and Data Response Services at Experian Global Data Breach Resolution in the United Kingdom. “There are many global crime syndicates and nation-backed operations, so companies need to invest in sophisticated prevention and response methods to protect themselves.”

Experian Global Data Breach Resolution offers international resources for companies impacted by a security incident and services include IdentityWorks℠ Global, multilingual call centers, and notifications covering more than 100 countries. Experian has also recently expanded capabilities to Japan, Taiwan and Thailand.