Say “Ah!” A closer look at phishing in the healthcare industry


How resilient is healthcare to phishing?

Healthcare is a favorite – and profitable – target for cyberattacks. If you work for a healthcare company, or if you’re a patient or subscriber, you’re familiar with all the data the industry gathers and threat actors crave: name, date of birth, Social Security number, mailing address, email address, and probably a credit card or two.

As healthcare records have steadily gone digital, the industry has played catch-up with cybersecurity. With its emphasis on patient care, in particular those aspects that drive the bottom line, healthcare has had to refocus on security and risk management. Unfortunately, in many healthcare companies, security budgets lag behind those in other industries.

That’s started to change as healthcare companies pay a steep toll in data breaches: records replacement, remediation, downtime, brand reputation, fines, and even stock price. The damage happens downstream, too. When systems crash, patient care is at risk. So is the accuracy of medical records, which can result in complaints and lawsuits.

This healthcare company stopped a phishing attack in 19 minutes

One Cofense healthcare customer has built an end-to-end phishing defense. It features phishing awareness, reporting, incident response, and threat intelligence.

To encourage employees to report all suspicious emails, the company launched its Phishing Bounty Program. It gives cash or merchandise rewards to any user reporting a verified malicious email. Trained via Cofense PhishMe and armed with Cofense Reporter, motivated employees sounded the alarm on a well-crafted scam.

The email very convincingly spoofed the company’s CEO, asking employees to click a link to agree to a company policy. The link led to a fake login page where the attackers harvested credentials, gained access to the company’s systems, and attempted to reroute automatic payroll deposits.

Some employees were fooled, but many reported the email. The company uses Cofense Managed Triage™, our security orchestration, automation, and response platform. Thus, the emails went straight to the Cofense Phishing Defense Center (PDC) for both automated and human analysis.

Upon verifying the threat, the PDC notified the customer and mitigation began. Only 19 minutes elapsed from the moment the employees received the email to the time the healthcare company blocked the phishing site and retracted the email.

It’s common for breach detection to take over 100 days. By fusing phishing awareness and reporting with response and mitigation, this company prevented a breach in well under half an hour.

To read more about these case studies, see the full whitepaper from Cofense here.

By: Cofense
