Hospitals Targeted in Recent Phishing Email Scam
Hospitals in the northeast are on high alert after cyber attackers recently launched phishing emails to send malware to healthcare executives. As a result, several hospitals in Massachusetts either shut down email systems or installed more aggressive email filters. There have also been recent reports of phishing emails targeting hospitals and healthcare providers in New York and New Jersey.
Hospital executives received an email on Oct. 29 looking for hospital coronavirus statistics, and claiming to be from the U.S. Department of Health and Human Services. However, the email was fraudulent and if one employee clicked on a targeted link, the entire hospital IT system could have been paralyzed.
The healthcare system has become one of the biggest victims when it comes to Cyber Security. According to HealthcareIT, the lack of Cyber Security awareness among healthcare organizations has translated into healthcare systems being exposed to hackers and phishing.
Cyber attacks are more frequent with the pandemic and the president election as cyber criminals try to exploit busy hospitals and administrators working from home. In fact, the FBI and government officials have warned of an imminent cybercrime threat to U.S. hospitals, putting patient care operations in jeopardy.
Without continual upgrades or the proper monitoring, Norton predicts that cybercrimes will cost the world $6 trillion a year by 2021, with healthcare among the most impacted.
While the solution to hire an internal CISO, seems obvious there is an overall shortage of security professionals across all sectors. This means an administrator, not a trained specialist, must maintain ongoing security training or the company simply won’t be able to keep up with the latest trends or threats.
Also, COVID-19 opened hospital doors and doctors’ offices to thousands of new patients in 2020 which increased the volume of data being processed daily. Telehealth provided the opportunity for healthcare professionals to still treat patients but from the safety of their homes, which also created new access points through the use of apps on phones, tablets, and desktops leaving sensitive information traveling back and forth between patients and medical professionals, often unsecured.
Training is not the only issue when preventing cyberattacks. Organizations need to be just as concerned about the age of their systems as they are about staying updated with their training.
Healthcare centers are often using older systems that are embedded within other devices and can’t be easily upgraded. Without the ability to properly upgrade equipment, healthcare centers are more vulnerable than ever.
Thrive’s team of experts provide customized solutions based on the specific needs of each healthcare organization, from a secure Cloud that meets the privacy needs of HIPAA and other regulations, or Cyber Security solutions that deliver comprehensive protection around patient data.
Thrive’s NextGen services provide each customer with a unique strategy to optimize and protect their business data and applications, including access to the latest Cloud and on-premise technologies, advanced Cyber Security best practices, advanced networking solutions, compliance, and governance assistance.