As the world adjusts to the challenges of remote working, it’s also a time for increased cyber attacks. Cyber criminals are targeting personal data, and the healthcare industry is feeling the pressure more than any other market. SEE ALSO: Growth of Coronavirus Themed Cyberattacks With data breaches in 2019 resulting in hundreds of thousands of records with PHI (protected health information) being leaked, it is critical that providers are aware of the most common forms of malware that exist and the steps they can take to protect themselves.
What exactly is malware?
Malware, or malicious software, is an all-encompassing term used to describe any intrusive software that aims to gain access to a computer network to exploit sensitive information. SEE ALSO: New COVID-19 Themed Malware Campaign Malware can come in many forms, ranging from viruses, adware, spyware, ransomware, etc. But how does malware get access to a network in the first place?
Here at Paubox we publish monthly HIPAA Breach Report analyzing breaches that affect 500 or more individuals as reported in the HHS Wall of Shame. Each month email is consistently the largest threat vector, meaning that hackers use email phishing or other tactics to trick people into giving them access to a system. Email breaches often include a number of different tactics such as display name spoofing , which masks an email’s display name to appear as though it is from a trusted source, causing the recipient to mistakenly click on the corrupt content. Most recently in our June 2020 HIPAA Breach Report, email was again the most comment breach type, with 417,051 people’s PHI affected from eight different breaches. Data breaches often originate from a single error from a single person, but they can have devastatingly lasting consequences—especially in the healthcare industry.
Malware malpractice in healthcare
Security breaches can be especially dangerous in the healthcare industry. As hospitals collect immense amounts of sensitive information from their patients, they become prime targets for cyber criminals looking to maliciously gain access to sensitive records. In a recent case, a hospital in Colorado fell victim to ransomware. Hackers set up an automated file encryption program which locked the hospital out of five years' worth of patient records unless they paid a ransom. There are steps that hospitals can take to lessen the likelihood of a cyber attack, such as limiting access to potentially harmful websites. However, email is the prevailing source of cyber attacks, and user error is the leading cause of malware access. So what solutions can help healthcare providers protect themselves?
Paubox Email Suite Plus: immunizing healthcare data
In order to protect healthcare providers against data breaches from malware attacks, a solution needs to address the leading source: email. Paubox Email Suite Plus not only allows providers to send HIPAA compliant email without requiring passwords or portals, but it also provides protection against display name spoofing, stopping spoof emails before they even hit the inbox. As the industry’s leading HITRUST CSF certified email encryption solution, Paubox is uniquely positioned to revolutionize and empower healthcare providers to finally protect themselves against harmful cyber attacks and devote more time to providing exceptional care to their communities.