In its fourth annual “Data Breach Industry Forecast” white paper, Costa Mesa, Calif.-based security company Experian gives five data breach trends that are expected to unfold in 2017.
The report stated that while many companies have data breach preparedness on their radar, it takes constant vigilance to stay ahead of emerging threats and increasingly sophisticated cybercriminals. “While some tried and true attacks continue to serve as go-to methods for hackers, there are evolving tools and targets that are likely to become front-page news in 2017. Organizations can’t wait until an attack happens to ensure they are protected—they need to look at the signs early on to start preparing for new types of security threats,” the report said.
Regarding healthcare specifically, “The consequences of a medical data breach are wide-ranging, with devastating effects across the board—from the breached entity to consumers who may experience medical ID fraud to the healthcare industry as a whole. There is no silver bullet for cybersecurity; however, making good use of trends and analysis to keep evolving our cyber protections along with forecasted threats is vital,” said Ann Patterson, senior vice president, Medical Identity Fraud Alliance (MIFA).
As such, Experian has outlined five predictions for the data breach industry for next year. Last year at this time, for the healthcare sector, Experian predicted that big healthcare hacks would make headlines, but small breaches would cause the most damage. Looking back on that prediction, Experian gave itself a “B” grade. It said, “In 2016, there were 181 reported healthcare breaches ranging in size from 500 to 3.6 million affected individuals. While several large breaches like Banner Health and 21st Century Oncology lost more than 5 million records combined, small breaches also had a large impact. Breaches impacting 200,000 people or less accounted for 96 percent of all healthcare-related breaches and impacted 1,400,872 individuals.”
The 2017 anticipated issues include nation-state cyberattacks possibly moving from espionage to full-scale cyber conflicts and new attacks targeting the healthcare industry:
Healthcare organizations will be the most targeted sector with new, sophisticated attacks emerging.
The healthcare sector may continue to be the focal point for hackers as medical identity theft remains lucrative and easy for cyber criminals to exploit. Personal medical information remains one of the most valuable types of data for attackers to steal, and cyber criminals will continue to find a market for reselling this type of sensitive information on the dark web. According to a report from IBM, more than 100 million healthcare records were compromised, making them a hacker’s top target.
Experian also anticipates mega breaches will move on from focusing on healthcare insurers, which served as a popular attack victim in 2015, to focus on other aspects of healthcare, including hospital networks. These more distributed networks present a ripe target for attackers because security measures are often harder to maintain across them than in more centralized organizations.
What’s more, of the potential sources for a breach, electronic health records (EHR) are likely to be a primary target for attackers. The portable nature of this information and the number of different entities and endpoints that need access to it mean the potential for it to touch a vulnerable computer system is high. While there may be significant protections in place to secure the records in transit, it only takes one compromised or outdated system to lead to exposure. Further, as more healthcare institutions deploy new mobile applications, it’s possible that they will introduce new vulnerabilities that will also be attractive targets for attackers.
Of the many threats healthcare organizations face, Experian predicts that ransomware will continue to be a top concern in 2017, particularly because a disruption of healthcare system operations could be catastrophic. Ransomware presents an easier and safer way for hackers to cash out; given the potential disruption to a company, most organizations will opt to simply pay the ransom. This has the unintended consequence of funding more research and development by attackers, who will in turn develop more sophisticated and targeted attacks. These new variants will likely be able to evade many of the security detection systems that were developed and are now widely deployed to stop the previous generation of attacks.
As attackers shift their focus and hospital breaches increase, the consequences for healthcare organizations that don’t properly manage this risk will grow. Healthcare organizations of all sizes and types need to ensure they have proper, up-to-date security measures in place, including contingency planning for how to respond to a ransomware attack and adequate employee training about the importance of security.
Aftershock password breaches will expedite the death of the password.
In a new industry trend emerging this year, Experian predicts “aftershock” breaches in 2017 as companies face the impacts of previous data breaches. As more and more personal credentials are compromised, the risk for users may extend far beyond the initial breach as attackers continue to sell old username and password information on the dark web, sometimes years after the credentials were originally stolen.
As a result, companies that didn’t experience a first-hand data breach may see repeat unauthorized log-ins and be forced to notify their users that their information is being misused. This can be compared to an earthquake “aftershock” where the effects of an attack reverberate and are felt long after the initial disaster. Given the continued success of aftershock breaches involving usernames and passwords, Experian predicts that attackers are going to take the same approach with other types of attacks involving even more personal information, such as Social Security numbers or medical information. Experian advises companies to push toward using two-factor authentication to verify users, which helps solve the password reuse problem.
Nation-state cyber-attacks will move from espionage to war.
Building upon last year’s prediction that cyber conflicts between countries are leaving consumers and businesses as collateral damage, there may be a clear evolution of these types of threats moving from espionage to active conflict and possibly war between countries.
In 2016, state-sponsored cyber-attacks came up during the U.S. presidential campaign. Both candidates were questioned about the potential U.S. response to the use of targeted cyber-attacks by foreign nations, and each candidate expressed that they would be in favor of using cyber weapons to retaliate against countries. Experian believes that cyber warfare attacks against the U.S. will continue in 2017, and with both presidential candidates taking such a strong and pointed position on how to respond, it predicts an escalation in cyber-attack conflict in 2017.