Healthcare organisations targeted in new ways by cybercriminals according to Proofpoint’s 2019 Healthcare Report


Cybersecurity firm Proofpoint has released its 2019 Healthcare Report which reveals that the healthcare industry continues to be one of the most at risk when it comes to cyber attacks, due to the highly sensitive and personal information industry professionals / organisations hold.

These findings come just a week after the computer systems of several hospitals in Victoria were hit by a ransomware attack, blocking access to crucial patient booking systems.

Although the 2019 Healthcare Report reveals the volume of ransomware attacks has fallen markedly since its peak in 2017, Proofpoint observes the use of ransomware in more carefully targeted, email-based attacks on victims most likely to pay, increasing their potential for financial harm. When targeted with ransomware, Proofpoint suggests many healthcare organisations may have already been compromised before the attack through email-based malware, allowing cyber criminals to study the organisation’s most vital systems and systematically install ransomware on key, vulnerable infrastructure.

Key Findings

  • 77% of email attacks on healthcare companies during the study used malicious URLs.
  • 95% of targeted healthcare companies saw emails spoofing their own trusted domain. And all of them had their domain spoofed to target patients and business partners.
  • Targeted healthcare companies received about 43 impostor emails in Q1 2019 — a 300% jump over the same quarter last year.
  • For each targeted healthcare organisation, an average of 65 staff members were attacked in Q1 2019.
  • Subject lines that included “payment,” request,” and “urgent” and related terms appeared in 51% of email sent of all impostor email attacks,
  • The largest volume of impostor emails arrived on weekdays during 7.00am and 1.00pm in the targets’ time zone.

The report can be downloaded here: