Advanced Email Attacks Skyrocket in Healthcare

September 26, 2023 - Advanced email attacks remain a top threat to organizations around the world, including those in the healthcare sector, Abnormal Security observed in its latest blog post. Abnormal saw a 167 percent increase in advanced email attacks in 2023, which included business email compromise (BEC), malware, credential phishing, and extortion.

“Healthcare is a laudable industry—helping alleviate patient suffering, improving health outcomes, and keeping a highly complex interconnected system running. But cybercriminals see things differently. They recognize that healthcare organizations house valuable data and abhor slow-downs in their operations,” the blog post noted.

“This makes them prime targets for attacks, and especially socially-engineered attacks like business email compromise, known as BEC.”

In early 2023, advanced email attacks averaged 55.66 attacks per 1,000 mailboxes, peaking at more than 100 attacks per 1,000 mailboxes in March.

“Numbers dropped to more consistent levels of nearly 61.16 attacks through the rest of the year,” the blog post added. “But if last year is any indication, these numbers are going to continue to rise until the holiday season, when cybercriminals will take a short break before starting their work again in the new year.”

As previously reported, social engineering via phishing and other tactics remains an easy way for bad actors to gain network access. Abnormal Security’s H1 2023 Email Threat Report found that behind the transportation and automotive industries, healthcare employees were the most likely to read and reply to malicious emails.

The latest blog post shows that although phishing and malware are still top threats, text-based BEC attacks are on the rise. Comparing data collected from January to August last year and this year, the median number of BEC attacks increased by 279 percent, from .22 attacks in 2022 to .84 attacks in 2023.

Abnormal Security encouraged healthcare defenders to keep an eye on BEC attacks, considering recent data from the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3). The IC3’s latest Internet Crime Report observed an uptick in phishing as well as advancements in BEC.

“As fraudsters have become more sophisticated and preventative measures have been put in place, the BEC scheme has continually evolved in kind,” the IC3 noted.

“The scheme has evolved from simple hacking or spoofing of business and personal email accounts and a request to send wire payments to fraudulent bank accounts.”

With this in mind, healthcare organizations should continue to proactively address cyber risk by training employees on the warning signs of email compromise, as well as implementing technical safeguards.