Despite the seemingly endless amount of large-scale data breaches involving companies like Ticketmaster, British Airways and Marriott International throughout 2018, there was a significant shift in the way hackers operated and the companies that they targeted. 

Big companies, with the large amounts of data that they hold, are typically the targets of the breaches that we hear about. However, according to cybersecurity company 4iQ, which monitors hacker activity across the web, including the deep and dark web, hackers are increasingly targeting unsophisticated and unprotected small businesses as a result of increased investment in cybersecurity.

With regulations such as the European Union’s General Data Protection Regulation, which fines companies €20m or up to 4% of global annual turnover for failing to protect customer data, now in force, there is more pressure on businesses to improve their cybersecurity and data handling processes. It is predicted that cybersecurity spending will reach $300bn by 2024.

However, while enterprises increase their cybersecurity investment, 4iQ’s findings seemingly suggest that small businesses are being left behind, which is leaving them vulnerable to attacks.

This could explain the substantial rise in the number of breaches that occurred in 2018. The company identified a total of 12,449 real breaches throughout 2018, an increase of 424% on 2017.

Evidence of this could be seen in the recent Collection #1 data dump, in which the 773 million email and passwords included in the list were thought to have come from more than 2,800 separate breaches.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Forum users, gamers and voters most at risk

4iQ’s analysis showed that forums and referral websites were most vulnerable, accounting for more than 3,400, or 27.5% of the hacks detected by the company.

Gaming and gambling websites and ecommerce platforms were also particularly vulnerable, with 11.8% and 11.7% of breaches targeting websites in those markets.

However, this was topped by government agencies, of which 12.2%, more than 1,500, breaches targeted. Attacks launched against government agencies climbed 291% since 2017, which is possibly a result of increasingly tense political relationships between the likes of the United States, Europe, Russia and China.

“Government was the largest growing exposed sector in 2018, increasing over 291% from 2018,” said Julio Casal, co-founder and CTO of 4iQ.

“This may be a result of mid-term elections and increasing geopolitical tensions. For the first time, we saw underground brokers actively including citizen data, such as voter databases, as part of their data portfolio.”


Read more: Does SSL really keep you safe? Security certificate sales thriving on dark web