Posted on September 17, 2022 at 7:32 PM
The Federal Bureau of Investigation (FBI) has warned that hackers are targeting healthcare payment systems as they try to steal funds. According to the report, the threat actors are looking to redirect victims’ payments by taking control of the payment platforms.
The hackers are using social engineering techniques and workers’ publicly available Personally Identifiable Information (PII) to impersonate victims and gain access to payment information, healthcare portals, and the victims’ files.
Attacks On Healthcare Firms Have Reached An Alarming Level
The FBI also stated that cyberattacks targeting healthcare organizations have reached an alarming level, as hackers have already stolen millions of dollars. In one of the attacks, it said, the hackers changed the victim’s direct deposit information to an account under their control and redirected a payment of $3.1 million.
The threat actors are also impersonating their victims to gain access to their platforms, exposing the payment information of their targets. This year alone, the stolen funds have already reached $4.6 million, according to the FBI alert.
The Bureau said three notable hacking incidents have been recorded this year in the health sector, including two in February and one in April.
There has been a surge in global cybercrime in the health sector, driven by the nationwide lockdowns imposed during the Covid-19 pandemic. Several threat actors moved from the financial sector to the healthcare sector, looking for sensitive information about the coronavirus vaccine.
That wave of attacks on the health sector has continued this year, even after the lockdowns ended across many regions. Last April, U.S. law enforcement reported that a healthcare organization with 175 medical providers lost a whopping $840,000 after threat actors successfully hacked its systems.
In February this year, another healthcare organization was hit in a separate incident. The attackers stole $700,000 from it using the same strategy they used for the $3.1 million heist.
The Hackers Have Stolen From Over 64 Healthcare Organizations
Apart from these incidents this year, the Bureau’s alert shows that threat actors have stolen from several US health payment processors over the past two years. According to the report, various threat actors have stolen from more than 64 healthcare organizations in the country between June 2018 and January 2019.
The cybercriminals will continue targeting healthcare payment processors via a variety of techniques, such as social engineering and phishing campaigns, to steal vital information and gain user access.
In one of the cases last year, the victim reported having lost about $1.5 million from the attack. In this attack, the threat actor used data gained from phishing attacks and publicly available PII to gain access to the victim’s system.
The alert also describes the methods the threat actors use against user accounts. These include phishing emails that target the financial departments of healthcare payment processors, and social engineering attacks aimed at gaining access to payment portals and the targets’ internal files.
The FBI said there have been several complaints from employees who were asked to reset both their passwords and their two-factor authentication (2FA) phone numbers within a short timeframe.
Some employees have also reported being locked out of their accounts after failed password recovery attempts. This means that some of the employees who unknowingly gave out their account details were locked out once the threat actors had changed the password.
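The two indicators the alert describes, a password reset paired with a 2FA phone-number change in a short window and a burst of failed password recovery attempts ending in a lockout, can be correlated from portal audit logs. The following is an added example written for this article, not code from the FBI or any vendor; the event names, the 24-hour and 15-minute windows, and the log lines are constructed assumptions about a hypothetical payroll portal.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit-log events (timestamp, account, event); not real data.
SAMPLE_EVENTS = [
    ("2022-02-01T09:02:00", "jdoe", "password_reset"),
    ("2022-02-01T09:05:00", "jdoe", "mfa_phone_changed"),
    ("2022-02-01T09:40:00", "jdoe", "direct_deposit_changed"),
    ("2022-02-01T10:00:00", "asmith", "password_reset"),
    ("2022-02-03T14:00:00", "asmith", "mfa_phone_changed"),
    ("2022-02-02T08:00:00", "bchen", "password_recovery_failed"),
    ("2022-02-02T08:01:00", "bchen", "password_recovery_failed"),
    ("2022-02-02T08:02:00", "bchen", "password_recovery_failed"),
    ("2022-02-02T08:03:00", "bchen", "account_locked"),
]

# Event types that together form the takeover chain the alert describes.
CHAIN = {"password_reset", "mfa_phone_changed", "direct_deposit_changed"}


def _by_account(events, wanted):
    """Group (time, event) pairs per account, sorted by time, for wanted types."""
    grouped = defaultdict(list)
    for ts, account, kind in events:
        if kind in wanted:
            grouped[account].append((datetime.fromisoformat(ts), kind))
    return {a: sorted(v) for a, v in grouped.items()}


def flag_account_takeover(events, window=timedelta(hours=24)):
    """{account: chain events} where a reset and MFA phone change fall in `window`."""
    flagged = {}
    for account, evs in _by_account(events, CHAIN).items():
        for i, (t0, _) in enumerate(evs):
            kinds = {k for t, k in evs[i:] if t - t0 <= window}
            if {"password_reset", "mfa_phone_changed"} <= kinds:
                flagged[account] = sorted(kinds)
                break
    return flagged


def flag_recovery_lockouts(events, threshold=3, window=timedelta(minutes=15)):
    """{account: count} with >= `threshold` failed recovery attempts in `window`."""
    flagged = {}
    for account, evs in _by_account(events, {"password_recovery_failed"}).items():
        for i, (t0, _) in enumerate(evs):
            n = sum(1 for t, _ in evs[i:] if t - t0 <= window)
            if n >= threshold:
                flagged[account] = n
                break
    return flagged
```

On the sample data only jdoe trips the takeover rule (asmith's two changes are more than a day apart), and bchen is flagged for three failed recovery attempts before the lockout.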
Organizations Need To Do More To Protect Their Systems
The FBI has listed some mitigation techniques users can apply to stay safe and avoid falling victim to the attacks. The Bureau advised that users should ensure their systems are protected by anti-malware and anti-virus software and that security protocols are updated regularly. Maintaining a strong anti-malware security system will prevent the most common attacks.
Organizations also need to carry out network security assessments regularly to stay current with regulations and compliance standards. These include vulnerability scans and penetration tests, to maintain a security posture that can withstand threat activity.
Organizations should also invest in training their employees, because most successful attacks exploit workers’ lack of awareness. Healthcare organizations should consider additional protective layers and authentication controls, as well as training employees on how to identify and report phishing activity.
Employees should also be informed regularly about new security systems and how they can be used to protect systems and servers. Enforcing a multi-factor authentication (MFA) protocol will help reduce the number of successful attacks on healthcare organizations, the FBI stated.