Proofpoint has published its latest Healthcare Threat Landscape Report. This shows that healthcare companies were increasingly targeted by cyber criminals, especially at the beginning of the corona pandemic.
In March alone, the sector recorded a 16 percent higher volume of dangerous e-mails than other branches of the economy. In addition, at least one organization from the health sector was attacked in 77 percent of all cyber campaigns.
Healthcare: a worthwhile target for cyber criminals
Health care has been a worthwhile target for cyber criminals not just since the corona pandemic. There are always sensational attacks here. But especially in the wake of the second wave of the virus, which is currently rampant, many are turning their attention to this sector again - this has not gone unnoticed by the attackers either. Accordingly, they try to make use of the importance of this branch of the economy and target health care institutions in a targeted manner.
Proofpoint has therefore taken a closer look at the risk situation of organizations in the health sector - especially in view of the worsening situation over the past few months. Based on a data analysis on the occurrence and content of cyber threats in the past year, with special consideration of the period since the beginning of the pandemic, the US cybersecurity specialist shows in its report how the threat situation in this area has worsened.
Key Findings of the Healthcare Threat Lanscape Report:
- At the peak of the pandemic to date in March 2020, healthcare organizations were receiving around 16 percent more dangerous emails compared to other industries.
- In 77 percent of all cyber campaigns in the first half of 2020, at least one healthcare company received a dangerous email.
- In 90 percent of the BEC attacks (Business Email Compromise, also known as boss scams) in the healthcare sector analyzed by Proofpoint, the email had an empty subject line. For security teams and users, this is an important indication that this is an attempted attack.
Examples of cyber threats in healthcare
- Pharmaceutical industry: As the pandemic was approaching its peak, the TA505 (Threat Actor) hacker group focused specifically on pharmaceutical manufacturers. As part of their campaign, 78 percent of the more than 250.000 malicious emails targeted pharmaceutical and bio-tech companies.
- Hospitals: Proofpoint identified a cyber campaign that targeted gift shops in hospitals using a compromised third-party payment processing solution. Since these shops are often connected to the IT systems of the clinics, this represents a considerable risk for the security of the facilities. In this particular case, the website of the payment processing system was compromised by MageCart. The legitimate e-mails of the provider, whose website had been prepared by the cyber criminals in such a way that they could intercept credit card data, were sent to over 200 organizations. 74 percent of these came from the healthcare sector.
- Fake insurance portal: An unknown group of cyber criminals cloned the online portal of an insurance company and sent e-mails as bait to lure customers of the insurance company to the fake portal and steal access data.
More on this at ProofPoint.com