What are Business Email Compromise attacks?

Malware infiltration via Business Email Compromise (BEC) attacks can compromise healthcare networks, disrupt operations, and endanger patient safety. To protect against these threats, healthcare organizations must prioritize preventative protective methods to guard patient data. 

See also: What is malware?

What are Business Email Compromise attacks?

Business Email Compromise (BEC) attacks are a type of cyber threat in which malicious actors manipulate email communications to deceive employees, particularly those with access to company funds or sensitive information. These attacks commonly involve social engineering tactics, such as phishing emails, spoofed sender addresses, and urgent requests. 

In a BEC attack, the attacker often poses as a trusted individual, such as a senior staff member, vendor, or supplier, and tricks employees into taking actions that benefit the attacker, such as transferring money to the attacker's account, sharing sensitive data, or clicking on malicious links or attachments. 

BEC attacks can result in substantial financial losses, data breaches, and damage to an organization's reputation. 

How BEC attacks target healthcare organizations

1. Patient data theft: Attackers may impersonate trusted individuals within the organization to request patient data, posing as senior staff members or colleagues. They deceive employees into sharing sensitive patient information, leading to data breaches and potential patient privacy violations.
2. Fake invoicing: BEC attackers send fake invoices or payment requests to healthcare organizations, often targeting employees responsible for financial transactions. This tactic can lead to unauthorized payments or diversion of funds to the attacker's accounts.
3. Malware infiltration: Threat actors may use malware to infiltrate healthcare networks and gain access to internal data and systems. They leverage this access to avoid suspicion when initiating fraudulent wire transfers or other malicious activities.
4. Phishing: Phishing emails are commonly employed in BEC attacks against healthcare organizations. These emails appear as if they are from legitimate sources or known individuals, enticing users to click on malicious links or attachments. 
5. Social engineering: BEC attacks frequently rely on social engineering techniques to manipulate employees into taking actions against their better judgment, such as initiating wire transfers or sharing sensitive information.

How to mitigate the risk of BEC attacks

1. Email filtering: Employ advanced email filtering solutions to detect and filter out phishing emails and malicious attachments. 
2. Multi-Factor Authentication (MFA): Require MFA for accessing systems and email accounts, adding an extra layer of security.
3. Strict approval processes: Establish stringent procedures for authorizing financial transactions or sensitive data sharing involving multiple employees for verification.
4. Out-of-band verification: Use out-of-band communication channels like phone calls to verify high-value transactions or changes in business practices.
5. Suspicion reporting: Encourage employees to report suspicious emails promptly and maintain a policy for handling them.
6. Alerts and reminders: Send alerts and reminders to employees and customers about potential phishing scams and policy changes.
7. System hardening: Conduct system hardening to ensure proper security configurations.
8. Disable vulnerable protocols: Disable the use of vulnerable protocols like SMBv1.
9. Blocking suspicious IPs: Block suspicious IP addresses at the firewall to prevent unauthorized access.
10. Whitelisting: Implement whitelisting technology to allow only authorized software to execute.
11. Anti-malware solutions: Use anti-malware solutions to protect against malware infiltration.
12. Data mining: Analyze phishing reports and gather intelligence to prevent future attacks.

See also: What is ransomware and how to protect against it

The effect of BEC attacks on email safety

BEC attacks erode trust in email communications by exploiting the very medium that organizations rely on for legitimate correspondence. BEC attacks often involve email spoofing and convincing impersonations, making it challenging for recipients to distinguish between legitimate and malicious messages. 

BEC attacks compromise the security of individual email accounts and diminish the overall trustworthiness of email communication platforms. To safeguard email safety in the face of BEC threats, organizations need to employ email authentication, security measures, and HIPAA compliant email services.