Ransomware attacks surge in healthcare; surgical groups & orthopedic partners impersonated — 6 report findings

Healthcare ransomware attacks exploded in the third quarter of 2017, with 40 million attacks using malicious URLs or attachments in that quarter alone, according to Proofpoint's 2018 Healthcare Threat Report.

Cybercriminals switched tactics in the fourth quarter, but ransomware techniques could return as a significant threat.

Proofpoint analyzed more than 100 million ransomware emails sent to hospitals, clinics and health insurers in the 12-month period ending March 31, 2018.

Here are six key findings from the report.

1. There was a high instance of business associates such as surgical groups, orthopedic partners and dentists being impersonated.

2. Almost one in five emails claiming to be from a healthcare organization was fraudulent. Approximately 8 percent of fraudulent emails impersonated the email domain of a healthcare institution.

3. More than three-fourths of attempts at email fraud used "payment," "request," "urgent," or "FYI" in the subject line.

4. Swapping characters such as "I" and "L" was a common way to create lookalike domains.

5. Attackers attempted to steal protected health information by using a trusted domain to send malicious messages; designing an email's "from" field to fool recipients; and registering a domain that looks like a trusted one.

6. Locky was the top ransomware variant. Other malware families targeting healthcare organizations included The Trick, Global Imposter, Pony and Hancitor.

More articles on improving performance:
3 insights into ophthalmology best practices from Wills Eye Hospital
Surgery Center of Quincy locked down after bomb threat — 4 insights
Examining the quality metrics of 10 Massachusetts endoscopy centers

 

 

© Copyright ASC COMMUNICATIONS 2019. Interested in LINKING to or REPRINTING this content? View our policies by clicking here.

 

Top 40 Articles from the Past 6 Months