Paubox blog: HIPAA compliant email made easy

Threat report: 419 cybersecurity threats per minute

Written by Ryan Ozawa | December 01, 2020
An average of 419 cybersecurity threats per minute were detected in the second quarter of 2020, according to the latest Threats Report out of McAfee Labs. That represents an increase of about 12 percent over the previous quarter. "After a first quarter that led the world into a pandemic, the second quarter of 2020 saw enterprises continue to adapt to unprecedented levels of employees working from home and the cybersecurity challenges the new normal demands," the firm says.

Who is McAfee Labs?

Founded in 1987, McAfee is a global computer security firm headquartered in Santa Clara, California. With over 6,000 employees, the company describes itself as "the device-to-cloud cybersecurity company." In addition to its endpoint security software, which is one of the world's most widely installed security software programs, McAfee also operates McAfee Labs, which houses an extensive research team and a global array of millions of sensors that monitor common threat vectors, including files, web technologies, messaging platforms and networks. The company describes McAfee Labs as "one of the world’s leading sources for threat research, threat intelligence, and cybersecurity thought leadership."

 

What does the latest report say?

The 27-page survey of malware, ransomware, and other cybersecurity threats is the latest in a series of reports from McAfee Labs. In addition to the 12 percent increase in the number of threats per minute, the November 2020 edition found:
  • New malware aimed at Microsoft Office spiked 103 percent over the previous quarter, including notable growth due to PowerShell hacks, namely Donoff.
  • New PowerShell malware increased 117 percent.
  • New coin miner malware increased 25 percent.
  • New Linux malware increased 22 percent, in part due to Internet of Things (IoT) hacks.
  • New mobile malware rose 15 percent, including Android adware.
SEE ALSO: Smart Device Security Needs Higher Priority in Healthcare There was some good news:
  • Malware aimed at Apple technologies dropped, including a 77 percent decrease for iOS, and an 8 percent decrease for MacOS.
  • New Javascript malware decreased 18 percent, including Javascript-based coin miners.
The report covers a number of other topics, from the vulnerabilities of the hybrid cloud systems being embraced by businesses during the pandemic, to threat vectors aimed at apps hosted on Amazon Web Services, to the security implications of Temi, a personal telepresence robot being pitched at both medical and retail industries.

 

What about email threats?

McAfee Labs notes that scammers are taking advantage of the fear around the COVID-19 pandemic, sending phishing and scam emails to Microsoft OneDrive users, pretending to be emailing from the government, consulting firms, or charitable organizations to steal victim’s OneDrive details. For example, scammers pretend to be from government offices and deliver documents that contain the latest questionnaire regarding COVID-19. Scammers have also attempted to trick users with secured documents and emails from fake charitable organizations, attempting to trick their volunteers. "Governments do not generally email the masses, sending unrequested documents, so a user could verify by examining the sender email address and location in the email headers and could visit the legitimate government site to see if there is COVID-19 information there instead," the report notes.

 

How can I protect myself?

As we've noted, OneDrive can be HIPAA compliant, but that doesn't prevent human error from occurring. Therefore, investing in ongoing cybersecurity training is important. Also, Paubox Email Suite, our HITRUST CSF certified  HIPAA compliant email solution, provides seamless encryption on every email by default.  Our Plus and Premium plan levels come with inbound security tools such as ExecProtect, which detects  display name spoofing attacks, and  DomainAge, which catches scam emails coming from newly registered domains that are too new to be on security blocklists. Our Premium plan level comes with data loss prevention (DLP) features as well, to protect against employees either accidentally or maliciously emailing unauthorized sensitive content to the wrong party.
 
Try Paubox Email Suite for FREE today.