Chapter 3 - Crime Areas

3.7 Data breaches and network intrusions - Future threats and developments

As high value targets begin to improve their IT security measures, we can expect more targeted attacks on third party suppliers. Not only is their own data vulnerable but they can be compromised as a stepping stone to an ulterior attack on a larger corporation to whom they are a trusted source - a method known as ’Island Hopping’ [125]. Moreover, with the widespread adoption of Big Data, more companies will act as data brokers by amassing large amounts of data. Given the potential value and multi-purpose use of this data, we can also expect to see more targeted attacks on data brokers, mainly for economic reasons but also for politically motivated attacks [126].

With the expanding availability of criminal services on the digital underground we can expect a proliferation of untargeted and unsophisticated security incidents. At the opposite end of the scale we can also expect more hackers-for-hire such as Hidden Lynx and the Comment Crew to emerge as the professionalism and business model of the digital underground continues to evolve - contracted by clients to steal or sabotage as required.

In addition to the number of attacks rising, as companies become more aware of the threats and become better at detecting or identifying indicators of an intrusion we can expect the number of reported incidents to increase.