Click – You’re It
In 2018, over 128,400 medical patients were victims of a successful phishing attack. All personal information was accessed, both health and financial. Not a big deal anymore in the daily news, except, of course, to the victims. The oncology and hematology practice notified the appropriate authorities and are keeping pretty mum about the whole incident, which happened in April 2018 – ahem, it is now 2019.
The information was accessed via a replicated email sign-on page. From there, the hackers were able to access the content of emails that contained protected health information (PHI) and personally identifiable information (PII). The practice has assured all patients that their information was not used on the black market. And they know that because…?
My point? Phishing for emails is a popular attack approach because it’s easy to dupe end users into clicking on links, or in this case signing on to their email accounts. Another attack method is business email compromise (BEC), sometimes called credential phishing. These malware-based threats are delivered through malicious attachments and URLs, and continue to thrive because they can bypass ‘next-generation’ defenses. They are structured so the malware emails appear to be coming from someone internal with managerial responsibility, and appear legitimate. The key is that they are believable as the sender appears to be someone end users know, or know of, and holds an executive or management position, and the emails supposedly originate from within the organization. According to Verizon’s annual report, 12 percent of end users will click on a malicious link at, supposedly, 3:45pm.
Email management is typically a set of standard procedures executed on a recurring basis. However, the weak link is the contents and attachments of emails, which may expose privacy or sensitive information and wreak havoc on an organization’s IT infrastructure to remediate. Impacting security, compliance, information governance, and eDiscovery, Concept Searching’s conceptClassifier platform incorporates tools that enable the identification of standard and organizationally-defined information that needs to be captured, remediated, or has exceptions that need to be managed, in real-time. Providing multi-term metadata that represents keyword strings, phrases, subjects, topics, and concepts, exposed data will be identified, even if the exact search expression isn’t used. Classification to one or more taxonomies provides the functionality for business professionals or IT teams to easily manage and modify the taxonomies.
When Microsoft Exchange is used, conceptClassifier for Exchange provides the technology framework to quickly and effectively address both internal and external sources of potential data breaches and noncompliance infractions. A modern threat response solution should empower your team to:
- Automate time-consuming forensics-collection chores
- Contextualize data to understand and prioritize threats
- Remove malicious emails and quarantine infected endpoints
- Identify noncompliance infractions
- Improve eDiscovery
Luckily, that’s what we do. How effective is it? May we show you?