A new Proofpoint report provides ideas on the cyber threats that healthcare companies run into and the most prevalent attacks that bring about healthcare data breaches.
Proofpoint’s 2019 Healthcare Threat Report reveals the evolving threat landscape and how the methods employed by cybercriminals are in a continual state of flux.
The research, which was carried out from Q2, 2018 to Q1, 2019, reveals how the various malware made use of in attacks frequently change. In Q2 of 2018, ransomware was a common sort of malware and was employed in numerous attacks on healthcare companies, nevertheless, ransomware incidents decreased swiftly as cybercriminals opted for banking Trojans. For the next three-quarters of the research, the preferred malware of cybercriminals was banking Trojans, though ransomware is presently becoming common again.
Proofpoint’s research reveals that banking Trojans were the major malware problem for healthcare companies during the research period. Banking Trojans were responsible for 41% of malicious payloads sent through email from Q2 2018 to Q1 2019. In Q1 2019, the major threat was due to the Emotet banking Trojan, which was responsible for 60% of all of the malicious payloads.
Though phishing attacks are a continuous threat, there were a higher number of malware attacks during the study period. Nevertheless, phishing attacks have gone up significantly in 2019. Malware is usually propagated by means of email attachments. Another technique is via URLs. The inserted links could lead users to phishing web pages where credentials are ripped off. But they could likewise send healthcare personnel to web pages where malware is unknowingly downloaded. Malicious URLs are utilized in 77% of the email-based attacks over the period of study.
The recipient is more probable to open malicious email messages when he/she knows the sender o the email. 95% of targeted healthcare providers got email messages that faked their own trusted domain and 100% of targeted healthcare providers had their domain faked in phishing attacks on their company partners and patients.
Targeted healthcare providers acquired an average of 43 imposter messages in Q1 2019, a growth of 300% from Q1 2018. The attacks impacted an average of 65 employee members at every healthcare company.
Although the email subjects were quite assorted, the subject lines generally included the terms “payment”, “urgent”, or “request.” Those terms were used in 55% of malicious email messages. Malicious emails are often sent during work hours when staff members are at their workstations, normally from Monday to Friday, from 7 am to 1 pm.
Although cybercriminals still utilize the spray and pray strategies to send their phishing email messages and malware to the most number of people, a lot of healthcare email attacks are very targeted. Proofpoint reviewed email attacks at a few healthcare companies and observed that certain persons are far more targeted compared to others.