Cybersecurity Breaches Ruled the Last Decade – and it’s Only Getting Worse

As we further digitize our lives, records vulnerable to cyberattacks are compounding into the billions.

In the last decade, the world has undergone a digital revolution. More than half the population – around 4.3 billion people – are now online. While society has benefited from these rapid advances in technology, so has cybercrime. Attacks against individuals, businesses, and governments are rapidly increasing in pervasiveness and complexity. The impact on the economy is significant: In 2018, cyberattacks were estimated to have caused almost $600 billion in global economic damage.

It’s Getting Worse

Breaches of personal, identifiable data have grown exponentially during the last decade; and given the increasingly pervasive use of digital services by consumers, this is not surprising. As individuals trust providers with more of their personal details, the risk they take on increases proportionally – especially because the value of this data for cyberthieves has never been higher.

Large datasets can be commercialized through the “dark web,” a large, global, and anonymous network of cyberexperts, attack tool-providers, and criminals. The dark web provides a marketplace for trading any type of personal data, from email addresses and passwords to medical records.

And as the appeal of launching a cyberraid climbs, so too does the magnitude of the fallout. Some attacks – like a 2012 social media breach – can be self-exacerbating in that the email address and passwords acquired can be used to infiltrate another company’s dataset (In that case, an online storage provider’s dataset was subsequently breached).

Others – like a 2015 attack on an extra-marital dating website that led to suicides and divorces; a 2017 attack on a US credit bureau that exposed personal data, including Social Security numbers, for nearly 150 million Americans; and a 2019 attack on the Singapore Ministry of Health that revealed personal data of HIV-positive patients – can be intimately severe. 

Given our ever-increasing reliance on technology, our exposure to data breaches will continue to rapidly escalate.

Read more: The Seven Most Pressing Challenges Facing Cybersecurity

You Can’t Replace What You Are

The data being breached is growing increasingly sensitive as users share more and more of their personal data – such as location, social media, biometrics, and even medical data – with services in pursuit of a seamless experience, but criminals need only breach some types of data once to cause irreparable damage.

New technology is allowing attackers to use this data in a variety of creative ways, greatly increasing the damage caused. Hacked photos, for example, may have carried low risk in the past, but now machine learning allows criminals to analyse them at scale, and ever-increasing resolution means photos can contain significant information such as fingerprints and facial recognition patterns. Breaches of such data have wide-ranging consequences, including mobile phone access, building security, and passport control at airports. Such data must be used with strong cybersecurity in mind; passwords can be changed but breached biometric information will affect the victims for life.

For details on the haveIbeenpwnd.com dataset and what is included, see here.

*Global security software provider McAfee estimated that cybercrime cost the world economy a total of almost $600 billion in 2018, thanks to advancement in technology helping criminals to attack at scale and monetize data effectively. They estimated this cost using national reported data where available, supplemented by interviews with cybersecurity officials.

Rico Brandenburg

Partner, Oliver Wyman

As co-head of the Oliver Wyman Forum’s Cyber initiative and a partner at Oliver Wyman, Rico Brandenburg leads the Forum team focused on enabling industries, governments, and societies to halt escalating cyberattacks in a more digitized and interconnected world.