ThreatMetrix Predicts Better Info Sharing, Major Internet of Things Security Issues and Bigger, Even More Sophisticated Data Breaches.
While 2015 looks to have more and better information sharing, the difficulty of protecting the Internet of Things (IoT) and the data breaches that plagued major banks, e-commerce giants, healthcare giants, casinos and others in 2014 will continue to grow. They can be expected to increase in sophistication and exposing hundreds of millions more usernames, passwords and credit card details.
So that businesses may be better prepared to meet the challenges and changes in the upcoming year, ThreatMetrix® offers these observations:
Mobile will represent more than half of transactions during the 2015 holiday season
During this year’s Cyber Week, from Thanksgiving Day through Cyber Monday, mobile accounted for 39 percent of all transactions across the ThreatMetrix® Global Trust Intelligence Network (The Network). By next year, ThreatMetrix predicts this number will surpass 50 percent.
Because of the October 2015 EMV deadline, retailers will be making the switch to the Europay-MasterCard-Visa (EMV) payments system. Likely the same retailers will also accept mobile payments such as Apple Pay. These two events will contribute to increasing consumer use of mobile payments.
“Consumers are far more comfortable shopping on mobile devices than they were even a year ago, and that trust is going to continue to grow,” said Alisdair Faulkner, chief products officer at ThreatMetrix. “Unfortunately, many businesses face difficulties determining the authenticity of mobile transactions through hidden cookies and geo-location data. Leveraging a global network of trust intelligence enables businesses to differentiate between previously authenticated users and potential fraudsters and will be the best way to protect sensitive information and customers against cybercrime in 2015.”
Information sharing will continue to rise
While cybercrime threats will grow in sophistication during the coming year, information sharing about those threats within and across industries will also grow. The financial services industry is already paving the way for growth of information sharing via the Financial Services Information Sharing and Analysis Center (FS-ISAC). Additionally, retailers are beginning to see the benefits of information sharing and have established their own group this past year. The Network, which analyzes more than 850 million monthly transactions across 3,000 customers, also provides a shared view of cybercriminals’ activity, enabling companies within The Network to protect their businesses by accurately identifying fraudsters, as well as good customers.
“Businesses in many industries are seeing the benefit of information sharing, and that will continue to increase in the coming year,” said Andreas Baumhof, chief technology officer at ThreatMetrix. “Unfortunately, while information sharing is common practice in some industries, businesses in other industries, such as retail, are often wary of sharing too much information with competitors. However, with today’s highly organized cybercriminals, it takes a network to fight a network. The balance is between businesses sharing good data, not just big data, and maintaining a certain level of trust to stay competitive with one another.”
Cybercriminals will identify new opportunities to compromise personal information
In 2014, there were many high profile data breaches that were deemed “unprecedented.” Hundreds of millions of user accounts have been compromised. The Russian cybercrime ring exposed 1.2 billion passwords in the Home Depot breach. Most recently, the Sony breach has been a sign of cybercriminals shifting their focus to cybersabotage. In 2015, there will be more unprecedented attacks as cybercriminals continue to become more sophisticated.
“There is no end in sight,” said Reed Taussig, president and CEO at ThreatMetrix. “Last year, ThreatMetrix predicted the password apocalypse for 2014 – and the number of major data breaches over the past year targeting user login information shows that prediction was true. There are endless opportunities for hackers to steal personal information, and that’s not going to stop in the coming year – it’s going to get worse. I would venture to guess that in 2015 one of the world’s major stock exchanges may very well be compromised, which has the potential to result in severe economic damage on a global basis.”
The Internet of Things will continue to be a security nightmare
One of the first major hacks to the Internet of Things came early on. It can be nearly impossible to know when one of the many connected devices that are used every day is compromised – from smart phones to washing machines and refrigerators. As more devices are added to the Internet of Things in the next year, protecting these devices will become even more difficult.
“We can’t even protect our most critical assets, so how can we be expected to protect a smart fridge?” said Baumhof. “One of the biggest problems is that many of these tools have a long lifespan and current security systems rely heavily on the ability to patch systems on a regular basis. For most of the devices within the Internet of Things, that practice is not implemented, nor feasible.”
Health systems will become a major target for cybercriminals
This year U.S. healthcare spending hit $3.8 trillion. Unfortunately, almost one-third of that is lost to fraud. As more money is dedicated to the healthcare market, cybercriminals will also be cashing in.
“In major data breaches, cybercriminals target credit cards and login credentials, but there are other sources where money is flowing, and it’s only a matter of time before cybercriminals ramp up their attention toward those industries,” said Faulkner. “In the New Year, insurance, healthcare and pharmacies will be new focuses for fraudsters. As healthcare information makes the shift electronically via the Health Insurance Portability and Accountability Act (HIPAA), fraudsters will find ways through its security holes to commit healthcare fraud and steal personal information.”
ThreatMetrix enables businesses across a wide range of industries – including e-commerce, enterprise and financial services – to securely share information about devices and personas connecting to their sites without sharing any personally identifiable information about customers or visitors. The approach ThreatMetrix takes through anonymizing and encrypting information in The Network offers a model for cybersecurity collaboration that will be essential for companies to protect their businesses in 2015 and beyond.
ThreatMetrix builds trust on the Internet by offering market-leading advanced fraud prevention and frictionless context-based security solutions. These solutions authenticate consumer and workforce access to mission critical applications using real-time identity and access analytics that leverage the world’s largest trusted identity network.
ThreatMetrix secures enterprise applications against account takeover, payment fraud, fraudulent account registrations, malware, and data breaches. Underpinning the solution is the ThreatMetrix® Global Trust Intelligence Network, which analyzes over 850 million monthly transactions and protects more than 210 million active user accounts across 3,000 customers and 15,000 websites.
The ThreatMetrix solution is deployed across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government and insurance.
For more information, visit www.threatmetrix.com or call 1-408-200-5755.