Sophisticated malware is on the rise, and attackers are finding creative ways to steal your information.
Sarah, a well-respected and highly productive manager, is working on getting a loan to buy a new house. In the midst of an especially hectic day, she gets an e-mail about a problem with her account. In a panic, she opens it and clicks on a link. Too late, she realizes she’s opened the door to cybercriminals. According to a new report, malware in particular is on the rise; and hackers are targeting individuals in healthcare instead of organizations. Read on to learn about some alarming trends and what you can do to protect yourself and others.
First of all, it’s important to have a basic understanding of malware, a general term encompassing a wide range of malicious code delivered to and installed on victims’ systems and servers. The malware strain Emotet is among the most common, and it has evolved to become a tool for distributing spam, stealing information, and other dangerous activities. It was the most common malware in emails sent to healthcare companies in the first quarter of 2019.
Perhaps more alarming is that attackers seem to be moving from single-purpose threats to versatile Emotet malware that has what is called a “Swiss Army knife” effect. Depending on how this is deployed, it can serve as a downloader, information stealer, spambot, and more. Its versatility makes it useful to attackers and a growing threat to healthcare organizations.
Some good news is that ransomware, which was rampant in 2018, is down considerably so far in 2019. This involves attacks where the hacker locks organizations out of their data and demands a payment of some kind to restore their access. In fact, ransomware attacks are at an all-time low, even though some high-profile incidents have made news this year. One possible reason for this, experts say, is that the value of cryptocurrency, hackers’ preferred source of payments, has fallen considerably. As a result, ransomware attacks are less of a sure bet for attackers.
As people have become more cautious about opening email attachments, they still feel relatively confident about linking to URLs. So, not surprisingly, URL-based attacks have grown in 2018 and 2019. Attackers often use trusted sources such as a file-sharing service to host malware and link to the malicious files in a URL. These attacks are harder to detect, as the email itself doesn’t have a malicious payload, that is, the risky code isn’t in the email itself but on the website linked to by the URL. Attackers can easily and quickly create new URLs, and these are easy to disguise with link-shortening tools.
Increasingly, hackers are targeting individuals in your organization, those people with the most visible email addresses, including shared email accounts. A few reasons your employees might be on attackers’ radar:
- They have public-facing contact information.
- They are long-tenured workers, increasing the chances that their email address is eventually revealed.
- They are included in a public-facing distribution list.
- Their email address was leaked in an earlier data breach.
- They were recently published or featured in an announcement or news report, often with their email address.
There are a few steps, the study authors say, that can help protect your employees and your organization:
- Adopt a people-centered security posture.
- Train users to spot and report malicious email.
- Assume that users will eventually click on some threats and plan accordingly.
- Build a robust email fraud defense.
- Isolate risky websites and URLs.
- Protect your brand reputation and clients/patients in channels you don’t own.