August 14, 2018
Data Breaches: Fresh Ammunition for Cybercriminals Drives Increase in Cyberattacks
Posted November 7, 2017
Data breaches have become a common fact of life in the digital economy. But recent months have seen data breaches on a scale that has dominated even mainstream news.
For digital citizens, these breaches result in a flurry of activity around reviewing accounts for unusual transactions, and changing login information and passwords to help ensure an account isn’t hacked with stolen credentials.
But, for digital businesses, these breaches result in a different flurry of activity – dealing with the inevitable cyberattacks that are sure to follow.
Time for a Refresh
According to the Identity Theft Resource Center, there have already been 1,120 data breaches in 2017, exposing more than 170 million records.
These breaches are basically a data refresh for cybercriminals. And, they waste little time in utilizing this new data.
With this new batch of fresh credentials, fraudsters quickly carry out mass identity testing, and use validated credentials to takeover trusted user accounts, open fraudulent new ones, and pay for goods and services with stolen credit card data.
In fact, 11.1 percent of all new account creations from July through September were flagged as fraudulent, according to data from the new Q3 2017 Cybercrime Report from ThreatMetrix.
This behavior comes into focus when comparing the timing of breaches with attack patterns and key spikes in attacks found in the ThreatMetrix Identity Abuse Index. It’s no coincidence that the highest attack volumes occur right after the most high-profile breaches. After all, the most valuable time for fraudsters is right after a breach has happened but before it has been discovered and reported.
Compared to previous years’ analysis, we see far more pronounced spikes in attack levels. This demonstrates the downstream effects of these large-scale breaches; businesses are being attacked with greater ferocity than ever before.
More Breaches, More Attacks
Attack levels have grown as fraudsters have access to complete identity information, along with sophisticated crimeware tools for perpetrating attacks.
The latest Cybercrime Report reported 171 million attacks this quarter, almost a 100-percent increase from Q3 2015 and a 32-percent increase from the beginning of 2017. In fact, attacks during the first three quarters of 2017 are more than the entire volume of attacks seen in 2016.
After a breach, the initial attacks tend to focus on high-value loan applications at online lenders and low-value identity testing on charities and media companies.
Evidence is mounting that cybercrime is the funding source for many other illegal businesses, including terrorism. Identity data has therefore become the primary ammunition for criminals to launch large-scale attacks across industries and geographies.
This makes it even more critical for businesses to develop a proactive, rather than reactive, response to possible breaches.
The challenge for many digital businesses is that they are trying to solve the authentication problems associated with new accounts, logins and payments in silos, plugging one gap while others remain vulnerable. At the same time, digital businesses are lacking a holistic view of the end user across their entire customer journey. This makes it impossible to validate a user’s identity at each touchpoint, leaving businesses vulnerable to fraudsters with stolen credentials posing as legitimate customers.
Add in the increased use of mobile devices, and the problem for businesses escalates. For the first time ever, more transactions now happen on mobile devices than on desktops. Overall, ThreatMetrix saw more than four-times the number of mobile transactions compared to Q3 2015.
Transacting on mobile devices comes with its own distinct set of issues. And while attack rates are still lower than for desktop, the rate of mobile cybercrime attacks is growing. Multi-layered security, which is customer-fit for the mobile platform, is vital for protecting mobile transactions.
As the battle against cybercrime continues, it’s quite common to lose focus from what really matters – not seeing the forest through the tress so to speak.
In the end, it all comes down to the customer. After all, they are the ones who power the business, and can impact your success by defecting to a competitor if their online experience does not live up to expectations.
While it is critically important to protect your business from fraudsters and cybercriminals, it cannot come at the expense of the customer experience. In short, cyber defenses must not prompt increased friction. Passive, risk-based decisions must be augmented with low-friction step-up solutions when required to prioritize an exceptional online experience.
To discover more global insights from the ThreatMetrix Digital Identity Network®, download the Q3 2017 Cybercrime Report.