Espionage on biometric data processing systems: Here’s a look at the top threats
- Around 37% of data processing computers had suffered malware attacks in the third quarter of 2019.
- Spyware and RATs designed to steal a wide variety of data accounted for 5.4 percent of all computers analyzed.
Biometrics, which includes fingerprints, voice recognition, facial recognition, or retina identification, is a way to measure a person’s biological characteristics. It has found widespread applications in identity authentication, forensics, and other areas. However, systems dealing with biometric data also come the radar of cybercriminals due to the sensitive nature of the data.
The wide use of biometric data
Biometric data is used widely by government agencies and special services such as police or customs to simplify their investigation process. Besides this, the data has become a part of our everyday lives as it has replaced the traditional authentication methods such as those based on logins and passwords.
With so many applications and software relying on the biometric-based process for authentication, it has raised serious security concerns in the cybersecurity world.
How widespread is the threat?
According to Kaspersky researchers, around 37% of computers that perform the functions of collecting, processing and storing biometric data had suffered malware attack attempts in the third quarter of 2019. This indicates that one in three computers was at risk of malware infection.
The malware in question included spyware and RATs which accounted for 5.4 percent of all computers analyzed. This was followed by malware used in phishing attacks (5.1 percent), ransomware (1.9 percent) and trojans (1.5 percent).
Common threat sources
- Online activity was the main source of threats for biometric data processing systems. These internet-borne threats targeting biometric data processing systems accounted for 14.4% of all threats. This category included malicious and phishing websites as well as web-based email services.
- Threats from removable media and network stood at 8 percent and 6.1 percent respectively for systems processing biometric data. After infecting a computer, these entities were found to be commonly used to download spyware, RATs, and ransomware.
Exposure of biometric systems to cyber threats poses a huge risk for both the service provider and the people who have entrusted them with their biometric data. With a vast trove of identification data available in biometric databases, it is high time for data processing organizations to enhance the security of their critical systems that handle, store, and process such data.