Stopping Email Phishing Attacks in Healthcare

Patients have become aware of phishing attacks and ransomware against healthcare providers. Many receive letters informing them of a recent security breach of their personal information. Hackers often use social engineering attacks by impersonating healthcare organizations and asking patients for additional personal information.

Healthcare ransomware is growing in complexity and effectiveness

The impact of phishing attacks costs the healthcare provider, the insurance company, and the patients millions of dollars per year. Only 22 percent of healthcare organizations surveyed reported feeling confident enough to inform senior management about the potential negative consequences of not addressing their organization’s security needs.

Cybercriminals’ primary target in these incidents was medical records, which rank among the most valuable types of personal info for cybercriminals because they include names, addresses, birthdays, and social security numbers. On black market sites, electronic health records can sell for as much as $1000 apiece – far more than any other personal info. To put that into perspective, a Chinese hacker who was charged for a similar incident received no jail time after he stole as many as 80 million patient records – a treasure trove that could be worth hundreds of millions.

Cost of phishing attacks and ransomware in the healthcare space

According to an analyst, email-delivered ransomware has increased 109% since 2017. Seven hundred sixty-five healthcare organizations were attacked last year, with average ransom payments totaling more than $41k.

Types of phishing attacks

Phishing scams are becoming increasingly sophisticated. Scammers are using new technologies to trick people into giving them personal information. Phishing attacks come in various forms and methods:

  • Whaling phishing – Email phishing directed at a high-level executive within an organization.
  • Barrel phishing – A two-pronged email attack. The first email is an ordinary, benign message that builds trust; the second contains malicious content or a URL redirecting the user to the attacker's phishing site.
  • Spear phishing – Email phishing directed at a specific individual within the organization. The attackers often research this individual on social media before sending the phishing email.

The success of phishing messages is often tied to realism and authority—they may appear to be from a source such as a hospital IT department and warn users that their accounts will be shut off if they don’t “update” them by entering their passwords.

Phishing websites, which users reach after clicking links in emails, are often designed to mimic institutional sites with misappropriated logos and similar designs, and they have addresses that resemble official sites, sometimes with minor misspellings or a lowercase letter L replaced with the number 1.
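One defender-side check the lookalike-address trick above suggests, as an added example that is not code from Trustifi or the original post: flag sender or link domains that impersonate a protected domain through a confusable-character swap or a one-character misspelling. The protected domains and the confusable map are constructed assumptions.

```python
# Added example (not from the original post): detect lookalike domains that
# imitate a protected domain via homoglyph substitution (e.g. "l" -> "1")
# or a single-character misspelling.
from urllib.parse import urlsplit

# Hypothetical protected domains for a healthcare provider (constructed).
PROTECTED = ["mercyhealth.example", "it.mercyhealth.example"]

# Digits and letter pairs commonly substituted for the letters they resemble.
CONFUSABLES = {"1": "l", "0": "o", "vv": "w", "rn": "m"}


def normalize(label: str) -> str:
    """Map confusable digits/digraphs back to the letters they imitate."""
    s = label.lower()
    for fake, real in CONFUSABLES.items():
        s = s.replace(fake, real)
    return s


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: insert, delete and substitute each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def host_of(target: str) -> str:
    """Accept a bare domain, an e-mail address or a URL and return its host."""
    if "://" in target:
        return (urlsplit(target).hostname or "").lower()
    return target.rsplit("@", 1)[-1].lower()


def lookalike_of(target: str, protected=PROTECTED):
    """Return the protected domain that `target` impersonates, or None."""
    host = host_of(target)
    if host in protected:
        return None  # exact match is the legitimate domain
    for good in protected:
        if normalize(host) == normalize(good) or edit_distance(host, good) <= 1:
            return good
    return None
```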

Over time, phishing attacks have become more sophisticated, with higher quality emails and more convincing sites for capturing credentials.

Despite being a primary target of hackers, healthcare lags behind other industries regarding educating its employees about cybersecurity.

Protecting the healthcare email channel from phishing attacks

Prevention technology alone cannot stop phishing attacks. Only through a comprehensive approach combining email security platforms, security awareness training, and enforceable security policies can organizations reduce the risk of phishing attacks and malicious software downloads.

Going beyond security awareness training programs

Awareness of phishing email attacks must be top of mind for IT staff and employees. A regular and frequent awareness training session should be held. An annual briefing on this subject is not enough. It is essential for everyone involved to know what they can do to protect themselves.

Employees trained at least once or twice per year were more likely to be aware of these issues, highlighting the importance of investing in regular and thorough security training.

Security awareness training is a proven method of educating users about phishing email attacks. However, reducing the overall attack surface remains a challenge, because many end-users do not retain what the training covered or choose to ignore corporate security policies.

Security awareness continues to evolve in delivery methods and knowledge-sharing frequency. Many organizations have extended security awareness into various new programs designed to promote better cultural unity for cybersecurity. Some organizations have even allowed more visibility to corporate personnel on the SecOps and DevOps dashboards.

Complementing user training with SecOps visibility

By leveraging a uniform visibility program, employees can see firsthand the actual attacks happening against their organization and the impact these events have. Using this open visibility strategy, CIOs and CISOs hope to instill a culture where everyone in the organization is a “security operations team member.”

Enabling a consolidated, holistic email security platform to reduce phishing attacks

A cloud-based email security strategy should integrate several adaptive controls to support the entire anti-phishing process. Organizations that consolidate platforms and vendors see immediate value in simpler management, faster resolution of cybersecurity attacks, including ransomware, and lower licensing and operating costs.

Legacy architectures that stitch together email security solutions from several vendors often create a larger attack surface. These complex architectures relied on vendors cooperating and interconnecting their systems. Because of uneven development efforts and competitive pressures between vendors, clients with this legacy approach often saw more attacks get through their email security platform.

Trustifi’s holistic email security platform alignment with healthcare security

Trustifi’s holistic email security service offers several capabilities for healthcare clients, including one-click compliance for email encryption, data loss prevention, inbound and outbound phishing, malware protection, and email-managed detection and response offering.

  • The Trustifi Inbound Shield™ is cloud-based, easy to install, and doesn’t require any architecture changes. You get peace of mind that your emails are protected from suspicious emails and zero-day attacks without any complex setup or concerns about missing email messages. Plus, it deploys in minutes, not days.
  • The Trustifi Outbound Shield automatically scans with an enhanced security engine and encrypts outgoing email messages according to administrators’ policies, so any emails that contain sensitive information are automatically secured.
  • The Trustifi One-Click Compliance for encryption. With the One-Click Compliance tool, administrators can easily set the platform to screen emails to ensure they automatically comply with more than ten regulatory compliance guidelines, including HIPAA, PCI-DSS, GDPR, CCPA, NIST 800-53, FERPA, and the ISO 27000 series.
  • The Trustifi Data Loss Prevention. The system automatically scans outgoing emails and applies the rules set by your administrator, then finds the keywords and automatically encrypts and locks the relevant outgoing emails without any input from the user.

Simplifying the email protection experience

The need for greater email security to deal with phishing and ransomware has never been more important than now. The need to make the user experience easier is also paramount. Making every user capability simple, including sending and receiving messages, encrypting emails based on a DLP rule, and finding lost messages, is a positive strategy to change the current email security culture. If a user has difficulty encrypting a message, in most cases they will still send it in the clear, possibly exposing sensitive data.

Comprehensive protection with Trustifi email security

Healthcare organizations continue to be challenged with legacy email security solutions relying on interoperation between vendors to work correctly. Trustifi, a global leader in the cloud-based email security market, consolidates all protection controls into one platform.

Trustifi, with international experience in healthcare, is a proven leader in stopping real-world threats, phishing attacks, spear phishing emails, and business email compromise impostor accounts.

Trustifi single console for ease-of-use management

With limited IT and security staff at most healthcare organizations, clients need security solutions that can be managed more efficiently while meeting HIPAA, PCI, and other compliance mandates.

Trustifi’s email security services feature a comprehensive suite of email tools for advanced threat protection, data loss prevention, and enterprise email encryption.

  • Email authentication for both inbound and outbound emails
  • Protection against data loss from outbound emails
  • Rapid response to sophisticated threats and attacks
  • Advanced threat protection against malware attacks
  • Detection and prevention of email-borne threats and spam
  • Spoofing, phishing, and fraud detection
  • Email account compromise detection
  • Zero-day threat protection

Through vendor consolidation and reduced resource costs, Trustifi aligns with the needs of healthcare providers without compromising on email protection, all under a single pricing model.

Trustifi offers consolidated solution pricing for better cost savings to support the healthcare marketplace. Trustifi requires fewer security operations, time allocation, and management resources. The solution is API based, not an appliance requiring a complex re-configuration of your email flow. Trustifi installs in minutes and requires no maintenance or upkeep. Trustifi’s Email detection and response (EMDR) offers clients access to experts to assist with the implementation.

Culture

As a global cybersecurity provider of both inbound and outbound email protection, Trustifi currently supports customers from countries including the USA, Canada, Brazil, the Dominican Republic, the UK, the Netherlands, India, the UAE, China, Japan, Cyprus, the Philippines, and more. The company has also developed “One-Click Compliance” capabilities that cater to world security regulations, including PDPO for Hong Kong, POPI for South Africa, GDPR for Europe, and LGPD for Brazil.
