How to get your practice’s email security up to snuff for the new year

With ransomware attacks on the rise, now is the time to make sure your practice's email system is protected.

The holiday season is prime time for cybercriminals. IT teams are short-staffed, and businesses may be running on a minimally operational team because many employees take time off. Since email is one of the main threat vectors for cybercrime, now is a great time to reevaluate your email security going into 2022.

Ransomware is on the rise

The threat of ransomware continues to increase as threat actors evolve their tactics. It is the most prominent malware threat, and malicious emails are up 600% since the COVID-19 pandemic began.

The current average ransom fee is $200,000, up from just $5,000 in 2018. The largest reason for the increase in attacks is that more companies are choosing to pay the ransom to get their data back. Cryptocurrency exchanges also allow for more anonymity in criminal transactions.

A history of holiday breaches

The July 4th weekend saw a huge surge of network disruption when Kaseya software fell victim to a ransomware attack. It caused hundreds of businesses to close and is considered the largest ransomware attack on record. The attack reportedly started on Friday afternoon as many employees logged off and headed into the holiday weekend.

Healthcare is a hacker’s favorite target

While cybercriminals attack all types of businesses during the holidays, they especially like to exploit the healthcare industry. Covered entities are a juicy target for cybercrime because of the high value of protected health information (PHI) on the black market, and providers are more likely to pay a ransom to get their data back since lives may hang in the balance.

Healthcare organizations also have large, vulnerable attack surfaces, often with lax cybersecurity controls, and employees are often stressed and overworked.

It’s only gotten worse during the pandemic. The number of hacking incidents reported in healthcare climbed for the fifth straight year in 2020, jumping 42% in that year alone.

CISA weighs in

The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) recently released best practices for ransomware awareness during holidays. Some of their recommendations include:

  • Review data logs for suspicious activity
  • Have IT employees available to respond to a ransomware attack over a holiday
  • Make an offline backup of data
  • Conduct employee training on phishing schemes
  • Require multi-factor authentication (MFA)
  • Monitor RDP access to resources over internal networks and use a VPN
  • Ensure business associates are following appropriate security measures
  • Enforce a strong password policy
  • Create an incident response plan

Email phishing no doubt made CISA’s list since it has become the leading entry point for ransomware attacks. But teaching employees to spot malicious emails isn’t enough to protect your team’s inboxes. Rather than stress about unavoidable human error, healthcare providers should put strong cybersecurity measures in place from the outset, measures that take the onus off individuals to protect their data.

Healthcare providers should implement robust inbound email security in addition to sending outbound HIPAA-compliant email. The best solutions block malicious messages containing ransomware and other threats before they ever reach the inbox.

For more on this topic, read our other article in Physician’s Practice: Cybersecurity best practices for email communications.