Healthcare cybersecurity threats rise

Healthcare organizations are seeing a higher rate of cyberattacks, with more targeted email campaigns and more staff members being attacked, according to a report from Proofpoint that outlined emerging trends in cyberattacks.

More often, threats are coming from email attacks, including phishing and imposter emails with subject lines and addresses that look like they’re coming from within the organizations.

In fact, during the first quarter of 2019, targeted healthcare companies saw a 300% jump in imposter emails compared to the same quarter in 2018. These emails typically arrive in mailboxes at 7 a.m. and 1 p.m. on weekdays, the report found. Nearly all (95%) of targeted healthcare companies saw spoofed emails of their own trusted domain, specifically to target patients and business partners.

And attackers aren’t always taking aim at executives only. An average of 65 members of a targeted healthcare organization were attacked during the first three months of 2019. Certain employees can be more visible to attackers, and vulnerability can depend on digital behavior, such as those employees who work remotely or use a company device. And some people tend to draw out more attacks.

People with the most visible email addresses, as well as those with shared addresses, saw a higher number of targeted attacks. In many cases, these addresses can suggest the employee has access to data attackers want.

More cyberattacks used malware rather than ransomware, which locks away files until the victims pay a ransom. Ransomware was “rampant” last year, the report noted, but its use has been on the decline. That could be a result of the declining value of cryptocurrency, which has been the preferred method of payment by hackers for some time. More organizations may also be better prepared to thwart ransomware attacks.

One of the top malware strains threatening healthcare organizations is called Emotet, which can steal information, serve as a downloader, spambot and more, according to Proofpoint. More than three-quarters of the malicious emails sent during the first quarter of 2019 targeting healthcare companies used a URL, with Emotet accounting for a significant proportion.

However, imposter emails are surging the most, and these attacks can be hard to distinguish because “they target human nature,” the report reads. These fraudsters can use attention-grabbing subject lines with email addresses that look like they are part of the organization’s domain. They often use terms like “payment,” “request” and “urgent.”

As cyberattacks continue to grow and hackers look to gain sensitive data, healthcare organizations need to be vigilant in training employees to recognize threats and updating systems to guard against attacks.

Amy Baxter

Amy joined TriMed Media as a Senior Writer for HealthExec after covering home care for three years. When not writing about all things healthcare, she fulfills her lifelong dream of becoming a pirate by sailing in regattas and enjoying rum. Fun fact: she sailed 333 miles across Lake Michigan in the Chicago Yacht Club "Race to Mackinac."
