Email phishing campaigns are rising across every industry, and healthcare fosters a few vulnerabilities that make organizations particularly susceptible, according to Ranjeet Vidwans, who shared his viewpoint in CPO Magazine.
In the last two years, email fraud in the healthcare industry has risen 473 percent, according to the report. Hackers that use email phishing campaigns only need to compromise a small number of healthcare organization employees' accounts to gain footing in the targeted organization's systems.
Here are three reasons why the healthcare industry is especially susceptible to email phishing attacks, according to Mr. Vidwans, who serves as co-founder of Clearedin, a cybersecurity platform that helps IT platforms prevent phishing attacks.
1. Ties to Microsoft. Numerous healthcare organizations comprise a Microsoft-heavy infrastructure because their various medical systems and hardware use Microsoft technology. The technology giant has been a popular target for hackers because it has a large installation base.
2. Limited training. Once-a-year training programs are not enough to keep hospital employees up-to-date on the latest cybersecurity attacks and email phishing campaigns, which frequently evolve. The healthcare industry is very fast paced, which makes hospital employees more likely to click a link or download an attachment from an email without realizing it may be a phishing attempt.
3. The type of data hackers want. Healthcare organizations' patient data contains some of the most valuable data, including Social Security numbers, insurance and payment information and personal details, that hackers sell on the dark web or use to commit identity theft and fraud.