Leapfrogging
More data breaches will leverage account leapfrogging.
Perhaps most famously chronicled in the case of the White House and Office of Personnel Management (OPM) network attacks, leapfrogging occurs when cyber criminals penetrate the network or a personal computing device of one organization to gain valid credentialed access to another organization. In the case of OPM, it appears that attackers were able to penetrate the government agency's network by first compromising at least one computer at KeyPoint Government Solutions, a provider of investigative services for the U.S. government. Following the attack on the government contractor in December 2014, attackers were able to use valid credentials to gain access to OPM, and that access went undiscovered until April 2015. In the case of the White House, it is believed that attackers first penetrated the State Department in order to then gain access to the White House.
Most data breaches occur as a result of a network attack lasting weeks, months or even years. Attackers generally compromise a user's computer or network account through malware, spear phishing or social networking. Once a cyber criminal has access to just a single computing device or account, they can get network access and begin to systematically explore the unfamiliar network and gain additional points of control.
In 2016, we will see more data-breach leapfrogging, as cyber criminals compromise an initial target to gain access to a primary one.