Sophisticated cyberattacks targeting hospitals ahead

We’ll see new, more sophisticated data breaches in 2017 as healthcare remains the most targeted sector among cyber criminals, according to predictions from credit-reporting agency Experian.

While health insurers were a favored cyberthreat target in recent years, the report sees criminal interest expanding to other sectors, such as hospitals’ distributed networks, which are harder to secure than centralized systems.

RELATED: Cyber disasters top concern for payer, provider PR pros

Ransomware will also continue to evolve against healthcare organizations. Because it carries the catastrophic potential to disrupt healthcare operations, victims are more likely to pay the ransom, which will only fund criminals’ further research into new ways to launch more sophisticated attacks, according to the whitepaper. And new variants are likely to be able to evade detection by current systems used to stop attacks, it says.

Healthcare organizations must have contingency plans in place for dealing with ransomware attacks, it stresses, as well as provide security training for staff.

The effects of breaches are expected to be long-lasting. In what it calls “aftershock” breaches, just as an earthquake can be followed by numerous aftershocks, personal information can be sold over and over on the dark web, forcing breached entities to continue dealing with the effects of stolen information even years later.

This will likely push more organizations to implement two-factor authentication, it says, sounding a death knell for the password.

Due to uneven implementation of chip-card technology, it predicts ongoing payment-based attacks, including new breaches through point-of-sale skimmers.

RELATED: Threat analysis center aims to engage smaller healthcare organizations

It warns that virtual and augmented reality technology pose new potential targets for hackers. New international breach laws will pose challenges for multinational companies, and most alarmingly, it foresees attacks on critical infrastructure as acts of war. It urges organizations across industries to work with their Information Sharing and Analysis Center on emerging threats and have contingency plans in place to deal with full-scale disruption.