Proofpoint reveals top trends in the healthcare industry

Ryan Witt, Industry Practice Leader, Healthcare at Proofpoint discusses the 2019 Healthcare Threat Report and examines the top trends impacting the healthcare industry.

Few industries can claim a mission more critical, data more sensitive, or operations more complex than healthcare. Unfortunately, these characteristics mean healthcare companies are challenging to protect.

Cyberattacks expose personal health data. Ransomware shuts down emergency rooms. Fraudulent emails defraud business associates, patients, and clinical staff. These threats hurt the healthcare industry’s ability to care for patients.

Healthcare institutions now consider cybersecurity a patient safety issue core to healthcare’s overall mission. This concern is a departure from the earlier part of the decade when cybersecurity was considered a HIPAA compliance issue or mechanism for securing meaningful use funding in support of implementing electronic medical records.

To help healthcare organizations better understand the evolving threat landscape, we analyzed a year’s worth of cyberattacks against healthcare providers, pharmaceutical/life sciences organizations and health insurers. As we analyzed hundreds of millions of malicious emails, one trend stood out: today’s cyberattacks target people, not just infrastructure.

They trick healthcare workers into opening an unsafe attachment or opening a questionable link that leads to malware. They impersonate members of your executive team, instructing staff to wire money or send sensitive information. And they hijack patients’ trust with scams that cash in on your organization’s brand equity.

According to our research:

  • Targeted healthcare companies received 43 imposter emails in first quarter of 2019, a whopping 300% jump over the same quarter last year. Within affected healthcare companies 65 people were targeted by spoofed email, and 95% of those companies saw emails spoofing their own trusted domains.
  • Subject lines that included “payment”, “request” “urgent” and related terms appeared in 55% of all imposter email attacks.
  • 77% of email attacks on healthcare companies used malicious URLs.
  • Banking Trojans were the biggest threat to healthcare companies over the period of our research.
  • Factors such as access to critical data or systems, having a public facing email, can make anyone a highly targeted person.

While the cyberattack techniques against healthcare organizations vary and evolve, one common thread is that they attack people, not just technology. They exploit healthcare workers’ curiosity, time constraints in acute care settings, and their desire to serve. Combating these attacks requires a new and people-centered approach to security.