The 2023 Data Breach Report and the 2024 Data Breach Industry Forecast

Foresight and Hindsight

Imagine a world where a single vulnerability in software can impact millions of users across the globe. This isn’t a hypothetical scenario; in 2023, cyberattacks accounted for over 63 million victims in just three months, according to the ITRC’s Data Breach Report. This blog post dives into the intricacies of data breaches as reported by two of the top authoritative sources in cybersecurity risk. By examining the “2023 Data Breach Report” from ITRC and the “2024 Data Breach Industry Forecast” by Experian, we gain invaluable insights into the past, present, and possible future of data security.

Overview of Reports

ITRC’s 2023 Annual Data Breach Report: This report provides a comprehensive analysis of data breaches in 2023, focusing on their frequency, scale, and impact across various industries. It highlights the increasing number of data compromises and a shift in the nature of these incidents.

2024 Data Breach Industry Forecast: Published by Experian, this forecast provides predictions for data breach trends in 2024. It emphasizes potential future risks, including the increasing complexity of attack vectors and how attacks are evolving.

Key Findings and Correlations

1. Rising Number of Data Breaches:

  • ITRC 2023 Report: Records a historic high of 3,205 data breaches in 2023, marking a 78% increase from 2022.
  • Experian 2024 Forecast: While specific numbers are not provided, there is an emphasis on the growing threat of third-to-sixth party breaches, suggesting a broader and more complex threat landscape.

2. Shift in Attack Focus:

  • ITRC 2023 Report: Notes a 16% decrease in the number of victims, indicating a shift towards more targeted attacks rather than mass breaches.
  • Experian 2024 Forecast: Predicts smaller-scale, but highly impactful attacks, like altering critical data or exposing sensitive information.

3. Industry-Specific Trends:

  • ITRC 2023 Report: Healthcare, Financial Services, and Transportation industries reported double the number of compromises compared to 2022.
  • Experian 2024 Forecast: Highlights similar industries as major targets, with added emphasis on vulnerabilities in SaaS platforms and public cloud infrastructures.

4. Evolution in Cyberattack Methods:

  • ITRC 2023 Report: Shows a decrease in phishing and ransomware but a significant increase in malware and zero-day attacks.
  • Experian 2024 Forecast: Foresees an increase in attacks on software and systems indirectly connected to the primary target, reflecting the expansion of digital ecosystems.

5. Involvement of Nation-States and Insider Threats:

  • ITRC 2023 Report: Doesn’t explicitly focus on nation-state actors.
  • Experian 2024 Forecast: Warns of the growing involvement of countries like India in cyberterrorism, alongside the increasing threat of insider attacks on publicly traded companies.

6. Supply Chain Vulnerabilities:

  • ITRC 2023 Report: Highlights a more than 2,600% increase in organizations impacted by supply chain attacks since 2018.
  • Experian 2024 Forecast: Echoes this concern, anticipating further escalation in such attacks.

7. Data Breach Notification Trends:

  • ITRC 2023 Report: Reveals that more than 1,400 public breach notices lacked specific information about the attack vector, a 98% increase from 2022.
  • Experian 2024 Forecast: Does not directly address breach notification trends. However, expectations surrounding breach reporting are evolving rapidly, especially in light of the new Securities and Exchange Commission (SEC) mandate on breach disclosure implemented in December 2023.

Trends and Implications

Increasing Complexity of Attacks: Both reports signal a shift from large-scale, indiscriminate attacks to more sophisticated, targeted operations. This evolution necessitates a more nuanced approach to cybersecurity, emphasizing specific threat intelligence and proactive defense strategies. Experian’s discussion of third-to-sixth party breaches points to a critical vulnerability in modern cybersecurity: credential reuse. The common practice of using the same email and password across multiple platforms can turn a single data breach at a third party into a gateway for cyberattacks across an entire supply chain network. As credentials are compromised and reused, the breach’s impact can ripple up to fourth, fifth, and even sixth parties, exponentially magnifying the risk. This scenario shows the urgent need for robust security measures like enhanced password policies, monitoring for compromised passwords, and user education to mitigate the risks associated with interconnected supply chain breaches.

Industry-Specific Vulnerabilities: The consistency in targeted industries across both reports underscores the need for sector-specific security measures. Healthcare, Financial Services, and Technology sectors must strengthen their defenses against increasingly sophisticated attacks.

The Role of Nation-States: The 2024 Forecast’s emphasis on nation-state involvement in cyberterrorism highlights a geopolitical dimension to cybersecurity, necessitating a broader, more collaborative approach to cyber defense involving both the private sector and government agencies. This issue is vividly illustrated by the recent attack on Microsoft’s corporate systems by the Russian state-sponsored actor known as Midnight Blizzard or NOBELIUM. This incident, detected on January 12, 2024, by Microsoft’s security team, showcases the sophistication and persistence of nation-state cyber threats and underscores the pressing need for a collaborative approach to cyber defense.

Supply Chain as a Critical Front: A supply chain attack, often referred to as a third-party attack, occurs when a bad actor infiltrates a system through an outside partner or provider with access to systems and data. This kind of attack targets less secure elements in the supply chain network to gain access to more secure, higher-value targets. The significant increase in supply chain attacks reported by ITRC and acknowledged in the 2024 Forecast points to the need for comprehensive supply chain risk management strategies, encompassing all tiers of suppliers and vendors.

Reflections and Projections

As we reflect on the sobering statistics and trends from the ITRC’s report and look ahead to the forecasts by Experian, one thing is clear: organizational investment in cybersecurity is crucial today and in the future. The decline in the number of victims reported by the ITRC may offer a glimmer of hope, but Experian’s forecast reminds us that threats are continuously evolving, requiring organizations to adapt. The shift towards more sophisticated, targeted attacks, the emphasis on specific industries, and the alarming rise in supply chain vulnerabilities call for a dynamic and adaptive approach to preventing threats. Security teams must stay informed and agile, continuously adapting to the latest threats.

 

AUTHOR


Josh Parsons

Josh is the Product Marketing Manager at Enzoic, where he leads the development and execution of strategies to bring innovative threat intelligence solutions to market. Outside of work, he can be found at the nearest bookstore or exploring the city’s local coffee scene.