Healthcare Industry Sees Sharp Increase in Advanced Email Attacks
The healthcare industry has seen a sharp increase in advanced email attacks this year, according to new data from Abnormal Security. In the year to August 2023, advanced email attacks are up 167% on 2022 levels and business email compromise (BEC) attacks have increased by 279%.
Healthcare organizations are attractive targets for cybercriminals because they store large volumes of highly sensitive data and are heavily reliant on access to that information. Attacks that prevent access to IT systems and protected health information put patient safety at risk, and the resulting downtime causes significant financial losses, which makes the industry a prime target for extortion.
There was a significant increase in advanced email attacks early in 2023, which include BEC, malware, social engineering, and phishing attacks. The year started with an average of 55.66 attacks per 1,000 mailboxes in January and increased to more than 100 attacks per 1,000 mailboxes in March, before falling to a consistent average of 61.16 attacks per 1,000 mailboxes for the rest of the year. Based on last year’s data, attacks are expected to steadily increase in the run up to the holiday season.
While text-based BEC attacks only account for around 1 in every 1,000 attacks, these attacks often result in direct financial losses of an average of $125,000 per attack. These attacks can be difficult to detect and block as emails are sent in low volume from legitimate domains with good reputations. The emails lack the red flags that are common in phishing emails such as malicious links and attachments, and often evade email security solutions.
One example is a campaign in which the attacker impersonated the President and CEO of a healthcare network with more than 200 locations in the United States. The email requested a copy of all updated aging statements for customers 30/90 days past due, along with email addresses for the corresponding accounts payable departments. Had the attempt succeeded, the attacker would have been provided with invoice and contact information for all customers of the health network, which would allow convincing emails to be crafted in an attempt to divert payments to the attacker’s account.
In August 2022, there was a median of 0.54 BEC attacks per week; this year attacks have increased by 54% to a median of 0.83 attacks per week in August. Attacks in the year to August 2023 are up 279% from the corresponding period in 2022, and attacks are expected to continue to increase for the rest of the year. To block advanced email attacks, healthcare organizations need to use email security solutions that leverage artificial intelligence and machine learning to create a baseline of good behaviors against which messages can be assessed, along with behavior-based anti-malware capabilities to block zero-day malware attacks before the malicious messages reach employee inboxes. Technical defenses should be augmented with regular security awareness training for employees, and phishing simulations should be conducted to assess the effectiveness of that training.
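As an added illustration of the behavioral-baseline approach recommended above (example code, not Abnormal Security's or HIPAA Journal's own), the following Python builds a baseline of the sender addresses each display name has legitimately used from a constructed mail history, then scores a new message on the traits the article describes: an executive's name arriving from an address never seen for it, accounts-payable request language, and no link or attachment for signature scanners to catch. The names, domains, weights and threshold are assumptions.

```python
"""Toy BEC scoring: behavioral baseline of sender addresses per display name
plus text-only financial-request signals. Added illustration, not a product."""
import re
from collections import defaultdict
from dataclasses import dataclass

@dataclass
class Email:
    display_name: str
    sender: str          # address in the From: header
    subject: str
    body: str
    has_links: bool = False
    has_attachments: bool = False

# Constructed history of legitimate mail; a real baseline comes from months of delivered mail.
HISTORY = [
    Email("Jane Doe", "jane.doe@example-health.org", "Board update", "Agenda attached.", has_attachments=True),
    Email("Jane Doe", "jane.doe@example-health.org", "Thanks", "Great work this quarter."),
    Email("Sam Lee", "sam.lee@example-health.org", "Schedule", "Shift roster for May."),
]
EXECUTIVES = {"jane doe"}  # protected display names, lower-cased (constructed)
# Request language of the kind seen in the aging-statement / past-due example above
FINANCIAL_REQUEST = re.compile(
    r"\b(aging statements?|past due|accounts? payable|wire transfer|payment|invoices?)\b", re.I)

def build_baseline(history):
    """Map each display name to the sender addresses it has legitimately used."""
    baseline = defaultdict(set)
    for m in history:
        baseline[m.display_name.lower()].add(m.sender.lower())
    return baseline

def score_bec(msg, baseline, executives=EXECUTIVES):
    """Return (score, reasons); a score of 3 or more is worth holding for review."""
    reasons, score = [], 0
    name, sender = msg.display_name.lower(), msg.sender.lower()
    known = baseline.get(name, set())   # .get() does not create a default entry
    if name in executives and sender not in known:
        score += 2
        reasons.append("executive display name from an address never seen for it")
    elif known and sender not in known:
        score += 1
        reasons.append("known display name from an unexpected address")
    if FINANCIAL_REQUEST.search(msg.subject + " " + msg.body):
        score += 1
        reasons.append("financial / accounts-payable request language")
    if not msg.has_links and not msg.has_attachments:
        score += 1
        reasons.append("text-only: nothing for link or attachment scanners to catch")
    return score, reasons
```

Because the score is built from sender history rather than from links or attachments, a text-only CEO-impersonation request scores high while the same request from the executive's established address does not.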