Experian: Biometric hacking among top cyberthreats for 2019
05 December 2018 16:53 GMT

Experian's sixth annual Data Breach Industry Forecast sees biometrics being a new risk area for hacking.

Attackers will zero in on biometric hacking and expose vulnerabilities in touch ID sensors, facial recognition and passcodes. Biometric data is considered the most secure method of authentication, but it can be stolen or altered, and sensors can be manipulated and spoofed or deteriorate with too much use.

"Expect hackers to take advantage not only of the flaws found in biometric authentication hardware and devices, but also of the collection and storage of data. It is only a matter of time until a large-scale attack involves biometrics either by hacking into a biometric system to gain access or by spoofing biometric data. Healthcare, government, and financial industries are most at risk". "

It said organizations need to ensure their biometric systems are secure in all layers. Biometric data should be encrypted and stored in secure servers. Privacy regulations may come into play in how biometric data is treated in the future, although now it is fairly unregulated. Until sensors, scanners, and other hardware are better able to detect anomalies, biometrics should be used as part of a multi-factor authentication system. Attackers will zero in on biometric hacking and expose vulnerabilities in touch ID sensors, facial recognition and passcodes.

"Biometrics are an increasingly popular form of authentication. While biometric solutions offer a security layer for data, biometric data will gain value to cybercriminals and is at risk for theft and fraud."

"Hackers have become very nimble at outsmarting protection measures. Cybercriminals always seem to stay a step ahead of new security gates," said Michael Bruemmer, vice president of Data Breach Resolution at Experian. "We use the power of data to help businesses make the right decisions, and we issue our Data Breach Industry Forecast each year to give them a competitive edge. Our predictions look at where hackers may go next to exploit vulnerabilities so companies can safeguard themselves against these future threats."

Skimming is the next frontier for an enterprisewide attack on a major financial institution's national network, which could result in millions of losses. Credit card skimmers are hidden devices designed to steal card information and passcodes. Criminals are now going after bank networks — moving beyond attacking individual ATMs by loading malware into entire computer systems.

The firm said "a major wireless carrier will be attacked with a simultaneous effect on both iPhones and Android, stealing personal information from millions of consumers and possibly disabling all wireless communications in the United States. Similar to an attack on critical infrastructure, a serious disruption to a wireless network would halt the nation."

"It's a matter of when, not if, a top cloud vendor will suffer a breach, compromising the sensitive information of major companies. The only question is how long it will take hackers to go to the cloud, affecting the world's largest companies and potentially billions of pieces of data".

The online gaming community will be an emerging hacker target, with cybercriminals posing as gamers and gaining access to the computers and personal data of trusting players. A cybercriminal can easily pose as a gamer or take over an avatar to infiltrate games and communities, stealing personal and credit card information and valuable game pieces and tokens.