Healthcare cybersecurity threats rise

Healthcare organizations are seeing a higher rate of cyberattacks, with more targeted email campaigns and more staff members being attacked, according to a report from Proofpoint that outlined emerging trends in cyberattacks.

More often, threats are coming from email attacks, including phishing and imposter emails with subject lines and addresses that look like they’re coming from within the organizations.

In fact, during the first quarter of 2019, targeted healthcare companies saw a 300% jump in imposter emails compared to the same quarter in 2018. These emails typically arrive in mailboxes at 7 a.m. and 1 p.m. during weekdays, the report found. Nearly all (95%) of targeted healthcare companies saw spoofed emails of their own trusted domain, specifically to target patients and business partners.

And attackers aren’t always taking aim at executives only. An average of 65 members of a targeted healthcare organization were attacked during the first three months of 2019. Certain employees can be more visible to attackers, and vulnerability can depend on digital behavior, such as those employees who work remotely or use a company device. And some people tend to draw out more attacks.

People with the most visible email addresses, as well as those with shared addresses, saw a higher number of targeted attacks. In many cases, these addresses can suggest the employee has access to data attackers want.

More cyberattacks used malware rather than ransomware, which locks away files until the victims pay a ransom. Ransomware was “rampant” last year, the report noted, but its use has been on the decline. That could be a result of declining values for cryptocurrency, which has been the preferred method of payment by hackers for some time. More organizations may also be better prepared to thwart ransomware attacks.

One of the top malware strains threatening healthcare organizations is called Emotet, which can steal information, serve as a downloader, act as a spambot and more, according to Proofpoint. More than three-quarters of the malicious emails sent during the first quarter of 2019 targeting healthcare companies used a URL, with Emotet accounting for a significant proportion.

However, imposter emails are surging the most, and these attacks can be hard to distinguish because “they target human nature,” the report reads. These fraudsters can use attention-grabbing subject lines with email addresses that look like they are part of the organization’s domain. They often use terms like “payment,” “request” and “urgent.”

As cyberattacks continue to grow and hackers look to gain sensitive data, healthcare organizations need to be vigilant in training employees to recognize threats and updating systems to guard against attacks.

Amy Baxter

Amy joined TriMed Media as a Senior Writer for HealthExec after covering home care for three years. When not writing about all things healthcare, she fulfills her lifelong dream of becoming a pirate by sailing in regattas and enjoying rum. Fun fact: she sailed 333 miles across Lake Michigan in the Chicago Yacht Club "Race to Mackinac."
