Experian Data Breach Resolution, an arm of the company best known for its credit information, recently released its fourth annual white paper looking at the cyber security problems business is likely to face in the year ahead.

The forecast is far from sunny.

The Data Breach Industry Forecast includes some chilling news for executives concerned about cyber risk. According to the report, as companies prepare stronger defenses, hackers are using even greater stealth to get around them. “While some tried and true attacks continue to serve as go-to methods for hackers, there are evolving tools and targets that are likely to become front page news in 2017,” the report says.

A rundown of the report’s key predictions follows:

  • Prepare for aftershocks. Experian predicts “aftershocks” for companies that were previously breached. “As more and more personal credentials are compromised, the risk for users may extend far beyond the initial breach as attackers continue to sell old username and password information on the dark web, sometimes years after the credentials were originally stolen. As a result, companies that didn’t experience a first-hand data breach may see repeat unauthorized log-ins and be forced to notify their users that their information is being misused.” The report recommends companies use two-factor authentication to verify users and help solve the password reuse problem. Secondary authentication methods, the report says, could include tokens, SMS alerts, geo location confirmation or bio metrics.
  • Nation-states will go to cyber war. Given the number of cyber attacks by foreign countries on U.S. government agencies in the last few years as well as hacks involving the 2016 presidential campaign, the report predicts that “an escalation in cyberattack conflict in 2017.” And business will likely be caught in the crossfire. According to the report, “as countries organize targeted cyberattacks, businesses should prepare for full-on disruption, particularly if they are a part of critical infrastructure. Organizations will need to stay vigilant about their potentially exposed information and take proactive steps to protect themselves, including purchasing proper insurance protection and shoring up their security measures.”
  • Healthcare will be a high-value target. Hackers have focused on the healthcare industry because medical identity theft is lucrative and easily exploited, the report says. “Personal medical information remains one of the most valuable types of data for attackers to steal,” Experian writes, “and cyber criminals will continue to find a market for reselling this type of sensitive information on the dark web.” Ransomware – essentially hacking into a system, taking it over, and forcing an organization to pay a ransom to get it back – will be a top concern. “Ransomware presents an easier and safer way for hackers to cash out; given the potential disruption to a company, most organizations will opt to simply pay the ransom,” the report says.
  • Payment-based attacks will rise. Attackers, the report says, are also going to use new techniques “to steal payment cards through well-coordinated and expansive use of different types of Point-of-Sale (POS) skimmers.” Though cards containing fraud-preventing EMV chips have been issued to many credit and debit card holders, adoption of the payment technology by business has been spotty. “We are likely,” the report says, “to see criminal gangs develop coordinated and widespread skimming operations to ensure the steady flow of payment cards continue to make a significant profit. We predict that at least one major national retailer will be hit with a significant skimming outbreak over the next year.”
  • Multinationals will face headaches overseas. Multinational companies are likely to face a major international breach in 2017 – and those breaches will cause the most significant damage to their reputations. Two factors will exacerbate the problem for companies: The General Data Protection Regulation (GDPR) in the European Union and similar new laws in Canada and Australia are likely to trigger greater consumer awareness around breach notification, and many companies have not yet created a process to manage international data breach incidents. The report says “companies need to start working to comply with the new rules over the next year as scrutiny of their practices and consumer awareness is raised in more markets.”