Healthcare organizations are seeing a higher rate of cyberattacks, with more targeted email campaigns and more staff members being attacked, according to a report from Proofpoint that outlined emerging trends in cyberattacks.
More often, threats are coming from email attacks, including phishing and imposter emails with subject lines and addresses that look like they’re coming from within the organizations.
In fact, during the first quarter of 2019, targeted healthcare companies saw a 300% jump in imposter emails compared to the same quarter in 2018. These emails are typically arriving in mailboxes at 7 a.m. and 1 p.m. during weekdays, the report found. Nearly all––95%–of targeted healthcare companies saw spoofed emails of their own trusted domain, specifically to target patients and business partners.
And attackers aren’t always taking aim at executives only. An average of 65 members of a targeted healthcare organization were attacked during the first three months of 2019. Certain employees can be more visible to attackers, and vulnerability can depend on digital behavior, such as those employees who work remotely or use a company device. And some people tend to draw out more attacks.
People with the most visible email addresses as well as those with shared addresses saw a higher amount of targeted attacks. In many cases, these addresses can suggest the employee has access to data attackers want.
More cyberattacks used malware rather than ransomware, which locks away files until the victims pay a ransom. Ransomware was “rampant” last year, the report noted, but has been on the decline in its use. That could be a result of declining cryptocurrency values, which has been the preferred method of payment by hackers for some time. More organizations may also be better prepared to thwart ransomware attacks.
One of the top malware strains threatening healthcare organizations is called Emotet, which can steal information, serve as a downloader, spambot and more, according to Proofpoint. More than three-quarters of the malicious emails send during the first quarter of 2019 targeting healthcare companies used a URL, with Emotet accounting for a significant proportion.
However, imposter emails are surging the most, and these attacks can be hard to distinguish because “they target human nature,” the report reads. These fraudsters can use attention-grabbing subject lines with email addresses that look like they are part of the organization’s domain. They often use terms like “payment,” “request” and “urgent.”
As cyberattacks continue to grow and hackers look to gain sensitive data, healthcare organizations need to be vigilant in training employees to recognize threats and updating systems to guard against attacks.
Amy joined TriMed Media as a Senior Writer for HealthExec after covering home care for three years. When not writing about all things healthcare, she fulfills her lifelong dream of becoming a pirate by sailing in regattas and enjoying rum. Fun fact: she sailed 333 miles across Lake Michigan in the Chicago Yacht Club "Race to Mackinac."