Large data breaches set to continue in 2018

30 January 2018

Businesses should expect to see yet more large data breaches in 2018, as well as a further broadening of the types of attacks, according to predictions from cyber security experts.

Year of the breach

2017 was described as the year of the data breach. According to Risk Based Security, there were over 5,000 publicly disclosed data breaches in 2017, with 7.8 billion records disclosed, making last year the worst ever in terms of frequency and severity. 2017 was also a record year for vulnerabilities, with over 20,000 disclosed, a 25.5% increase in reported weaknesses.

MIT Technology Review says large data breaches will continue to be a feature of 2018, and expects more attacks like those disclosed by Equifax and Uber in 2017. Equifax saw 143 million records exposed by a cyber attack while Uber said that the data of 57 million drivers and customers was compromised. At the end of 2017, PayPal uncovered a data breach at a newly-acquired subsidiary involving the data of 1.6 million customers.

Such breaches may become even more high profile from May 2018, with the introduction of notification requirements and the potential for hefty fines under the EU’s General Data Protection Regulation (GDPR). Large breaches on the scale of Equifax are also a reminder that cyber criminals are thinking big when it comes to selecting targets, and are likely to seek out other large sources of personal data in 2018, according to MIT.


Last year was also notable for the growing breadth and sophistication of cyber attacks – from the business interruption caused by the global ransomware attacks of WannaCry and NotPetya to large distributed denial of service (DDoS) attacks against financial institutions. Ransomware is expected to remain a key cause of cyber attacks in 2018, although some experts predict that ransomware could go into decline this year as companies get wise to the threat.

However, cyber criminals are expected to refine their use of ransomware. For example, MIT predicts that ransomware will target data in the cloud, while Symantec predicts the targeting of smart devices. Cyber criminals could also change tactics – for example, they are likely to target midsize and large businesses with DDoS attacks if ransomware proves less effective, according to CyberScout.

Cyber extortion is expected to remain a growth area this year. Political risk consultancy Control Risks says that cyber extortion accounted for 28% of cases in 2017, up from zero 10 years earlier. The company has seen a 397% increase in threats, extortions and cyber extortions since 2007.

Cyber war

Last year saw a perceived increase in politically motivated hacking, ranging from interfering with elections to the theft of trade secrets and attacks on critical infrastructure. The biggest incident of last year, the WannaCry ransomware attack, was thought by some to be the work of North Korea.

FireEye predicts that nation-state groups will increase and continue to expand their activities – especially Iran and North Korea, but also Russia and China – and will look to target supply chains and more. It also warns that the major cyber powers will increasingly share their tools, techniques, and operational experience with allied countries. This raises the risk of a dangerous escalation and makes for more complicated attribution.


The weak security of connected devices is another area of growing concern for cyber security specialists, and further attacks using the Internet of Things (IoT) are to be expected. In recent years, cyber groups have launched DDoS attacks using botnets comprised of IoT devices infected with malware, such as Mirai, the malware behind the 2016 DDoS attack against Dyn Inc.

Social engineering and phishing attacks are also likely to persist in 2018, as well as grow in sophistication. FireEye predicts an increase in attacks targeting social media accounts while Symantec warns that machine learning and Artificial Intelligence (AI) will be used to construct more complex and highly targeted lures.

Further out, a few experts have predicted a growing role for AI, in both facilitating cyber attacks and in defending against them. MIT predicts that 2018 will see the emergence of an AI-driven arms race as hackers use AI to sharpen their phishing attacks.


For further information, please contact Sarah Stephens, Head of Cyber, Content and New Technology Risks on