Cofense Looks Closely at Healthcare Phishing Attacks

September 26, 2018


Cofense, a prominent supplier of human-driven phishing threat management solutions, has published new research showing that the healthcare industry lags behind other sectors in its defenses against phishing and is regularly targeted by cybercriminals, who frequently succeed in gaining access to confidential patient health data.

The Department of Health and Human Services' Office for Civil Rights publishes a summary of data breaches reported by healthcare organizations that affect 500 or more individuals. Each week, several email-related breaches are added to the portal.

The Cofense report looks more closely at these attacks and finds that a third of all reported data breaches occur at healthcare organizations.

There are many examples of simple phishing attacks that have given attackers access to confidential data, some of them resulting in the theft of very large volumes of records. The phishing attack on the Augusta University healthcare system, reported in August 2018, exposed the health data of 417,000 patients.

Cofense carried out a cross-industry comparison of 20 verticals, including healthcare, technology, manufacturing, financial services, and energy, to find out how susceptibility and resiliency to phishing differ by sector. The report measured the rate at which employees report simulated phishing emails against the rate at which they fall for them; on this resiliency rate, healthcare scored only 1.34, compared with 1.79 across all industries, 2.52 for financial services, and 4.01 for the energy sector.

One of the main reasons for healthcare's low score is past underinvestment in cybersecurity, even though the industry is heavily regulated and healthcare organizations are required by law to provide security awareness training to their workforce and to implement a range of controls to safeguard patient data.

The high cost of data breaches, $408 per record for healthcare organizations compared with a cross-industry average of $148 per record, has forced healthcare organizations to invest more in cybersecurity. That increased investment has produced measurable improvement, although healthcare still trails other industries and considerable room for improvement remains.

By analyzing responses to simulated phishing emails sent through its Cofense PhishMe simulation platform, the Leesburg, VA-based company was able to identify the phishing emails most frequently clicked by healthcare workers. The most-clicked lures were invoice requests, manager evaluations, package delivery notifications, Halloween eCard alerts, and beneficiary changes, each of which had a click rate above 18%. Knowing which lures work best lets healthcare organizations concentrate their defenses on the greatest risks. The report also describes how training combined with phishing simulations can considerably reduce susceptibility to phishing attacks.

The report includes a case study showing how one healthcare organization, using the Cofense platform, was able to stop a phishing attack within just 19 minutes. By contrast, it is not unusual for a breach to go undetected for more than 100 days.