The trillion-dollar pharmaceutical industry now ranks amongst those hit hardest by email phishing attacks. And its simple to see why. Cybercriminals can use lateral phishing attacks to steal IP addresses on research and medicines worth billions of dollars. Health insurers are then barraged with attacks seeking to take precious patient data. Everyone is vulnerable to an extent, but it’s the overworked hospital staff that might be at risk the most. Here are three of the top reasons healthcare employees are the most at risk for phishing attacks.
Rapidly Escalating Attacks
Ransomware developed through phishing emails has grown significantly in the last few years, with over 700 healthcare providers falling victim to these attacks in the previous three years. But the threat landscape is changing quickly. Phishing attempts that successfully bypass security have increased, and cybercriminal’s primary targets in these attacks are medical records. Medical records are incredibly prized possessions by thieves because they often include names, birthdates, addresses, social security numbers, and plenty more. These can all sell for up to thousands of dollars on the dark web, often leading to identity theft.
Increasing Sophisticated Social Engineering Tactics
By mining contact databases, Linkedin profiles, and company websites, cybercriminals can now produce highly personalized emails that are designed to induce stress, curiosity, or appeal to your personal vanity. Busy employees that rush between patients or meetings might check their phone and respond to these malicious emails without really checking if they’re legitimate or not. This is common with healthcare organizations, as mobile-related breaches are common.
Ever-Expanding Attack Surface
One of the biggest factors in all of this is the fact that turnover in hospitals is high, with a consistent influx of new employees. This not only makes a continuous stream of newly susceptible employees but it also further blunts the efficacy of phishing awareness training. Organizations need to take proper precautions for the possible phishing attacks that their companies could be facing with appropriate security setups and employee training.
En-Net Services Can Help Today
Experience a superior method of getting the public sector technology solutions you need through forming a partnership with En-Net Services. Our seasoned team members are familiar with the distinct purchasing and procurement cycles of state and local governments, as well as Federal, K-12 education, and higher education entities. En-Net is a certified Maryland Small Business Reserve with contract vehicles and sub-contracting partnerships to meet all contracting requirements.
To find out more about our hardware services, printing, and imaging services, or to hear more about how a dynamic team can help meet your information technology needs, send us an email or give us a call at (301)-846-9901 today!