Email-Based Cyberattacks on Healthcare Organizations Increasing


HIMSS Analytics conducted a study for email security firm Mimecast. The survey results showed that 78% of healthcare organizations had been attacked by ransomware or malware in the past 12 months. Many of the survey respondents had more than 12 ransomware or malware attacks in the last 12 months.

According to 37% of surveyed healthcare providers, email is the number one attack vector for ransomware and malware and the most likely source of a data breach. Portable devices, such as laptops, ranked second, named by 10% of respondents. Given the frequency of email-based attacks on healthcare organizations this year, the problem is very likely to keep growing.

Malwarebytes also conducted a study indicating that ransomware attacks happened 2,000 times more in 2016 than in 2015, which translates to a 62% occurrence rate. According to the 2017 Verizon Data Breach Report, 72% of malware used to attack healthcare providers is ransomware. Ransomware is rated by 83% of study respondents as the number one threat, malware is number two, and spear phishing attacks and Business Email Compromise (BEC) attacks are last.

Healthcare organizations seriously need to secure their email systems, since email is the main tool used for communicating protected health information (PHI). With the increase in email-based attacks, organizations need to strengthen their cybersecurity to repel them. Three things are necessary to build a cyber resilience strategy: resilience against ransomware and malware attacks; training employees to be more security aware; and securing email.

David Hood, the Cyber Resilience Strategist for Healthcare at Mimecast, offered five suggestions on how to reduce email-based threats on healthcare organizations. These are:

1. Train employees regarding email-associated risks and have real-time reminders instead of annual training workshops.

2. All inbound email attachments must be scanned for malware and malware downloaders.

3. Use a web filtering solution to check the URLs users click.

4. Check outbound emails to make sure that PHI is not being sent to unauthorized receivers. Check email accounts to know if they are compromised.

5. Have regular data backups to avoid data loss and ransom payment in case of a ransomware attack and to avoid
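Suggestions 2 and 4 above can be turned into a simple outbound-mail policy check. The following is an added example, not code from Mimecast or the article: it parses a message, flags PHI-looking values (an SSN-style number or an MRN) addressed to a domain outside an approved list, and flags attachment types that commonly carry malware droppers. The allowed domains, the risky extensions and the PHI patterns are hypothetical policy values; a real deployment would tune them to the organization.

```python
import re
from email import message_from_string
from email.message import EmailMessage
from email.utils import getaddresses

# Hypothetical policy values (not from the article); tune per organization.
ALLOWED_DOMAINS = {"example-hospital.org", "partner-clinic.example"}
RISKY_ATTACHMENT_EXT = {".exe", ".js", ".vbs", ".scr", ".docm", ".xlsm"}
PHI_PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "mrn": re.compile(r"\bMRN[:#]?\s*\d{6,10}\b", re.IGNORECASE),
}

def recipient_domains(msg):
    """Set of lowercase domains across To/Cc/Bcc."""
    pairs = getaddresses(msg.get_all("To", []) + msg.get_all("Cc", []) + msg.get_all("Bcc", []))
    return {addr.rsplit("@", 1)[1].lower() for _, addr in pairs if "@" in addr}

def body_text(msg):
    """Concatenate the decoded text/plain parts that are not attachments."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and part.get_filename() is None:
            payload = part.get_payload(decode=True)
            if payload:
                chunks.append(payload.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)

def check_outbound(raw):
    """Return a list of policy findings for one raw RFC 822 message (empty = clean)."""
    msg = message_from_string(raw)
    findings = []
    phi_hits = sorted(name for name, pat in PHI_PATTERNS.items() if pat.search(body_text(msg)))
    external = sorted(recipient_domains(msg) - ALLOWED_DOMAINS)
    if phi_hits and external:
        findings.append(f"PHI ({', '.join(phi_hits)}) addressed to unapproved domain(s): {', '.join(external)}")
    for part in msg.walk():
        name = part.get_filename()
        if name and any(name.lower().endswith(ext) for ext in RISKY_ATTACHMENT_EXT):
            findings.append(f"risky attachment type: {name}")
    return findings

def sample_message():
    """Constructed sample: a note leaking an MRN to an external address, with an .exe attached."""
    m = EmailMessage()
    m["From"] = "nurse@example-hospital.org"
    m["To"] = "Jane <jane@webmail.example>"
    m["Subject"] = "follow-up"
    m.set_content("Patient MRN: 00123456 needs a follow-up call tomorrow.")
    m.add_attachment(b"MZ-placeholder", maintype="application", subtype="octet-stream", filename="invoice.exe")
    return m.as_string()

if __name__ == "__main__":
    for finding in check_outbound(sample_message()):
        print("BLOCK:", finding)
```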