Healthcare top target for cyberattacks in 2017, Experian predicts
Global information services company Experian has released its 2017 data breach industry forecast, and the news is sobering.
Among the report's top five predictions? "Healthcare organizations will be the most targeted sector, with new sophisticated attacks emerging."
Experian sees healthcare as particularly vulnerable to cyberattacks because medical identity theft remains so lucrative and relatively easy for hackers to exploit – and they continue to find markets for reselling patient data.
Electronic health records remain likely to be a top target for hackers, Experian found. Also, as more healthcare institutions deploy new mobile applications, it's possible they will introduce new vulnerabilities that will also be attractive targets for attackers.
"Ransomware presents an easier and safer way for hackers to cash out; given the potential disruption to a company, most organizations will opt to simply pay the ransom," the report states. "This has unintended consequences of funding more research and development by attackers who will in turn develop more sophisticated and targeted attacks."
As attackers shift their focus, an increase in hospital breaches means the consequences for healthcare organizations that don't properly manage this risk will increase, Experian warns. It makes it critical for healthcare organizations to have proper, up to date security measures in place, including contingency planning for how to respond to a ransomware attack and adequate employee training, the report concludes.
Here are Experian's other predictions:
- Aftershock password breaches will expedite the death of the password. "As more and more personal credentials are compromised, the risk for users may extend far beyond the initial breach as attackers continue to sell old username and password information on the dark web, sometimes years after the credentials were originally stolen."
- Nation-state cyber-attacks will move from espionage to war. "Building upon last year's prediction that cyber conflicts between countries are leaving consumers and businesses as collateral damage, we may see a clear evolution of these types of threats moving from espionage to active conflict and possibly war between countries."
- Criminals will focus on payment-based attacks despite the EMV shift taking place more than a year ago. "In 2016, we predicted that the EMV Chip and PIN liability shift would not put an end to payment breaches, and unfortunately, we believe this trend will only continue into 2017. Driven by uneven adoption of the new technology, combined with attackers targeting new industries and adapting their tactics, we predict that payment."
- International data breaches will cause big headaches for multinational companies. "Given the high-stakes in an international breach and the lack of preparedness, we expect that at least one United States multinational company will experience a significant loss in its valuation due to an international data breach in 2017."