2016 is wrapping up with the announcement of the largest official cyber breach ever and the release of the fourth annual 2017 Data Breach Industry Forecast released by the nation’s largest credit bureau, Experian. It’s safe to say, cyber threats definitely were a hot topic this last year. And that’s not expected to change in 2017, because the cyber risks are real and the stakes are only getting higher.
Keep reading to find out which major company exposed over 1 billion users’ personal information and more information on these key vulnerabilities to watch out for in 2017:
- Aftershock password breaches will continue after major breaches expose billions of user credentials.
- Cyber-attacks will move from tools of espionage to weapons of warfare between countries.
- Healthcare ransoms and risks increase as electronic health records reveal vulnerability to attacks.
- Retailers threatened by self-checkout skimmers and uneven adoption of Chip technology.
- Bonus: Tax scams and virtual reality pose real world risks.
Ready to defend yourself against the biggest cyber threats of 2017?
Aftershock Password Breaches Will Follow Major Yahoo Breach
2017 is predicted to be the year of the “aftershock” breach. Just like its name implies, an aftershock breach refers to the breaches that occur as a result of a major incident, similar to the damage that can occur after an earthquake as smaller aftershocks hit.
The effects of an “aftershock” cyber breach can be felt long after the initial disaster and cause even more damage.
When a major company experiences a cyber breach, personal information such as usernames, passwords, and answers to security questions can be stolen. This information is later sold on the dark web, a secretive hidden network of websites where criminals regularly traffic and profit from the sale of illegal substances and information.
Hackers can then throw your username and password combination at a number of websites, waiting for one to click like a key finding the right lock. Which means that a company who was never hacked could then have to deal with the repercussions of unauthorized log-ins from stolen username/ passwords. In other words, they experience an aftershock of the original cyber crime.
The After Effects of Yahoo Breaches Will Be Widespread
In 2016, Yahoo made headlines as not one but two giant breaches resulted in aftershock breaches that impacted many. A 2014 Yahoo breach exposed 500 million accounts, and a recently announced 2013 Yahoo breach compromised over 1 billion users, making it officially the largest breach in history. Yahoo has admitted that information stolen may include names, email addresses, telephone numbers, dates of birth, hashed passwords and, in some cases, encrypted or unencrypted security questions and answers.
The aftershock of these and other major cyber breaches are likely to reverberate for years to come as the exposed credentials are sold in the underground economy.
The 2017 Data Breach Industry Forecast had this to say:
“Companies that have never experienced a direct breach will be forced to deal with the aftershock of Yahoo’s loss of user credentials. Given the continued success of aftershock breaches involving username and passwords, we predict that attackers are going to take the same approach with other types of attacks involving even more personal information, such as social security numbers or medical information.”
What Can You Do?
Simple username and password authentication is on its deathbed. Companies should be looking at two-factor authentication solutions such as SMS alerts, biometrics, and geo location confirmation. And businesses of all sizes and across all industries should be aware of the potential for aftershock breaches, and be prepared with cyber liability protection, incident response plans, and customer disclosure and guidance.
Cyber Attacks Move from Tools of Espionage to Weapons of Warfare
Cyber-attacks were a central topic both during and after the 2016 elections. In October, the US government formally accused Russia of cyber attacks against the Democratic Party ahead of the presidential election, and in December, President Barack Obama ordered intelligence agencies to review cyber attacks and foreign intervention into the election, demanding a report be delivered before he leaves office on January 20.
As cyber conflicts between nations escalate, state-sponsored cyber-attacks could very well move from tools of espionage to weapons of warfare between countries.
The Department of Homeland Security lists 16 critical infrastructure sectors as vital to the security, national economic security, and national public health or safety of the US, including the chemical sector, communications, dams, emergency services, financial services, nuclear, water/ wastewater, transportation, energy, defense, and information technology sectors. These critical infrastructures are at a very high risk of cyber-attacks and cyber terrorism.
What Can You Do?
Businesses and companies should be prepared for targeted cyberattacks from other countries, particularly if they are part of the critical infrastructure systems. Organizations are encouraged to stay vigilant about potentially exposed information and take proactive steps to protect themselves, including shoring up security measures and purchasing adequate insurance protection.
Healthcare Ransoms and Risks Increase as Electronic Health Records Reveal Vulnerability to Attacks
The healthcare sector and electronic health records in particular are expected to be a focal point for cyber attacks this coming year. Since 2014, when legislation passed requiring all public and private healthcare providers to adopt electronic medical records, the risk of cyber attacks has increased steadily. It only takes one outdated or compromised system to expose a patient’s medical health records including sensitive information.
More than 100 million health care records have already been compromised, and mega breaches are anticipated to move from health insurers to hospital networks this next year. Ransomware in particular is expected to threaten healthcare organizations. Ransomware is a type of malicious software that is designed to block users out of operating systems, until you pay a ransom to the attackers to let you back in.
Imagine waking up one morning to find your personal computer has been the victim of a virus which has locked down your hard-drive and taken control of your files and folders. You can’t access a thing on your computer, and a message is alerting you that your data and information is being held ransom. If you pay a fee, you can have your personal information back. Your pictures, files, and more can all be set free. If you don’t pay up, however, a complete data wipe is imminent. It will all be lost forever.
Now imagine that scenario played out on a larger scale. How much more money could a cyber criminal receive if they were holding a major healthcare operating system hostage? And how much more valuable is the data that system holds?
What Can You Do?
Healthcare organizations of all sizes and types need to ensure they have proper, up to date security measures in place. This includes contingency planning for how to respond to a ransomware attack, and adequate employee training about the importance of security for electronic health records.
Retailers Threatened by Self-Checkout and Uneven Adoption of New Chip Technology
Uneven adoption of new EMV Chip and PIN technology means retailers are still vulnerable to Point-of-Sale (POS) breaches. Attackers are expected to turn their focus on smaller franchised stores and small retail businesses who are more vulnerable to payment attacks compared to larger, big name retailers.
According to the 2017 Data Breach Forecast, a new technique is expected to be more popular with cybercriminals this year: skimming.
“Attackers are also going to use new techniques in mass to steal payment cards through well-coordinated and expansive use of different types of Point-of-Sale (POS) skimmers. While this technique has been used on a smaller scale by cybercriminals for years, it’s likely to grow, especially in the retail sector as self-checkout terminals become more popular. These skimmers are capable of stealing magnetic stripe data from POS systems even after they’ve been hardened against more traditional malware-based attacks. We are likely to see criminal gangs develop coordinated and widespread skimming operations to ensure the steady flow of payment cards continue to make a significant profit. We predict that at least one major national retailer will be hit with a significant skimming outbreak over the next year.”
What Can You Do?
Retailers are encouraged to transition to EMV Chip technology if they haven’t done so already. Both retail businesses and consumers need to maintain security best practices during this time of ongoing transition and recognize that cyber criminals won’t be completely deterred. Paying close attention to potential weak spots, including catching POS skimmers quickly, can help lower the risk of retail attacks.
2017 Bonus Threats: Tax scams and virtual reality pose real world risks
The 2017 Data Breach Industry Forecast outlines two bonus threats to be aware of this coming year: continuing tax scams and virtual reality risks.
Hackers continue to target companies around tax fraud. The IRS has not taken adequate steps to alert people when a tax form has been filed, and hackers have found that a few targeted emails send to unaware employees can result in large amounts of information with very little effort. These types of phishing attacks are working, largely because of a lack of employee training as well as IRS oversight.
Hackers are finding a new tool for cyber crimes as the popularity of virtual reality grows. The wildly popular game Pokemon Go, for example, encourages users to travel to specific location to catch a Pokemon. By setting up unsecure Wi-Fi hotpots in these locations, hackers can attempt to steal data from victims’ phones. Expect to hear about more virtual reality and augmented reality attacks in 2017 as this technology grows.