by Kapua Iao
Article filed in
Emotet Reemerges Targeting the Pharmaceutical Industry
by Kapua Iao
Emotet, one of the world’s most disruptive threats, has reemerged after a lull around Christmas.
According to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), Emotet is a sophisticated, costly, and destructive Trojan.
Those within the pharmaceutical industry, and healthcare in general, must remain on high alert and use HIPAA compliant email when sending and receiving emails.
What is Emotet?
CISA states that Emotet functions as a “downloader or dropper” of other malware.
Once in a system, Emotet can infiltrate an entire network, steal sensitive information, disrupt operations, and harm an organization’s reputation.
Emotet was first reported in 2014 infecting organizations in the banking industry, transforming into a general-purpose malware currently setting its sight on the pharmaceutical industry.
The primary threat actor behind Emotet, TA542, has a massive sending infrastructure.
It uses social engineering, spamming, credential stealing, email harvesting, and attachment downloading to infect and spread rapidly.
Emotet accounted for 11% of all malicious payloads during the first quarter of 2019 from its campaign in July 2019 alone.
On January 13 this year, the campaign reemerged after its hiatus, focusing on the pharmaceutical industry in the U.S., Canada, and Mexico and sending nearly 750,000 emails, the largest seen since April 2019.
By the next day, 12 additional countries and multiple other industries were added as targets.
In the past, Emotet has sent a record 100 million messages in one day, indicating the extent of damages organizations face from Emotet this year.
How can you block and protect your organization?
Every organization must stay on top of such threats so that cybersecurity can be strengthened before a breach even occurs.
CISA and others recommend reinforcing cybersecurity by:
- using layered defenses
- blocking attachments associated with malware or unscannable by antivirus software
- implementing firewall rules and filters such as Paubox Email Suite Plus
- having every employee use email encryption and multi-step authentication
- segmenting and segregating networks to safeguard sensitive data
Finally, each time a new threat emerges, organizations must update employee awareness training; for Emotet, customize modules to address spotting and avoiding malicious emails.
Stay on top of cybersecurity news as the only way to protect your organization from future attacks is by having a solid security program and strong, up-to-date employee training.