Computer security threats to healthcare continue apace; attackers target electronic health records, telemedicine, and patient portals. Last year we covered eSentire’s report that the healthcare industry was facing a growing cyber threat, especially with decentralized data sharing and network-integrated medical equipment. We also reported on the 2018 Unisys Security Index’s report that while consumers are now more guarded about personal information than in earlier years, they also prize medical apps that send alerts and personal data to emergency services and healthcare providers. A 2018 Harris Poll conducted for the University of Phoenix found patients are the weakest link in healthcare data security. The bottom line: all parties in the fast-expanding digital healthcare information exchange have a continuing need for diligence.

Proofpoint reported this month that the incidence of healthcare email fraud attack attempts leaped in the past two years. The company researchers
analyzed email fraud attacks in more than 450 healthcare organizations. They found that the number of emails with fraudulent bills, requests for payment, and redirected payment mechanisms grew 473% between Q1 2017 and Q4 2018.

One common path to email fraud is when cybercriminals go after people in a healthcare organization who routinely handle patient billing or supplier payments. Referring to these individuals as VAPs (Very Attacked Persons), Proofpoint cited an example of a finance department receiving an email purportedly from a known supplier contact with updated account information that includes new payment instructions. A few months might pass before the supplier inquires about missing payments, at which time the fraud is discovered.

As healthcare organizations become more and more decentralized, it becomes increasingly difficult to protect VAPs. Long favorite tools for cybercriminals include look-alike domains and spoofing of email addresses and domains; these are still in common use, according to Proofpoint.

The message to healthcare organizations is to be informed about healthcare cybercrime tactics and trends. It’s nearly impossible to stay ahead of cyber crooks and their next waves of attacks. The most pragmatic course is early identification of new fraudulent schemes while maintaining vigilance against classic attacks through caution and careful verification of transactions.