According to a recent report from Experian, a global information services group, businesses can expect to see an increase in the number and severity of cyber attacks in 2017. The report also predicts that a large number of politically-motivated cyber attacks near the end of 2016 will escalate into a larger cyber attack conflict, and that businesses in the financial, security and health care industries will be the most frequently targeted.
As a part of the report, Experian made five major predictions for cyber attacks in 2017:
- Password breaches will contribute to the abandonment of the password as a security measure. Although the theft of login IDs and passwords constitutes a short-term threat, the report states that cyber criminals continue to sell passwords long after they are stolen. And, as businesses and consumers are lured into a false sense of security after their password is unknowingly stolen, passwords alone will begin to fall out of favor. Instead, the report emphasizes that two-factor identification—where two separate pieces of authentication evidence are required—should be used by businesses to defend against cyber attacks.
- New, sophisticated attacks will continue to target the health care industry. Because medical identities and information remains relatively easy to access and profitable for hackers, the health care industry will continue to be a target in 2017. The report also states that large establishments, such as hospital networks, will continue to face threats like ransomware, a type of attack where an organization is “locked out” until a financial ransom is payed.
- Politically-motivated and state-sponsored attacks will become more common. The large number of high-profile cyber attacks at the end of 2016, along with the accusation that many of the attacks were state-sponsored, may lead to businesses being affected by the collateral damage of these attacks. Additionally, the report predicts that such attacks will only grow as politically-motivated hackers seek retaliation against others.
- Hackers will focus on payment-based attacks, despite new credit card security measures. Although the switch to EMV chip cards and the PIN liability shift were expected to protect against payment breaches, uneven adoption could lead to additional cyber exposures in 2017. Additionally, criminals are beginning to use sophisticated skimming machines to steal card data at physical retail and ATM locations.
- International data breaches will cause major problems for multinational businesses. The loss of consumers’ data is a large problem if it occurs in just one country, but multinational businesses must also deal with ever-changing regulations in all of their markets. The United States, EU, Australia and Canada have all passed new regulations that will force businesses to re-evaluate their cyber security plans.