Ignore at your own peril: Securing e-mail domains takes more than anti-spam tools

Spam filters are one thing, but if a hacker takes over an e-mail domain, spoofing and phishing can become precise and dangerous. But there are tools available that can help.
By Bill Siwicki
10:28 AM
securing email

Basic security tools such as spam filters and anti-virus software, they do their job. But cybercriminals are savvy and there are other ways to get into a healthcare network. One of those methods is hijacking an organization’s e-mail domain.

This enables attackers to use the domain combined with efforts to spoof names and brands to get to organization users and convince them to click on a link or document that contains malicious software that could contain ransomware or other forms of attack that will cause disruptions or worse. 

[Also: Is your hospital hacker bait? Here's how to change that]

Security vendors Network Solutions, Postmark, Symantec and others sell software to protect e-mail domains from being hijacked and the Global Cyber Alliance offers a free tool called the Domain-based Message Authentication, Reporting and Conformance protocol, or DMARC. 

Whereas spam filters typically block incoming attacks, DMARC is specifically designed to help organizations stop spammers and phishers from using an e-mail domain to conduct malicious attacks by tricking unsuspecting customers, partners and employees.

[Also: Warning: Millions of devices are still vulnerable to WannaCry]

GCA was founded by the Manhattan District Attorney’s Office, the City of London Police, and the Center for Internet Security in September 2015. On Thursday, GCA president Philip Reitinger publicly encouraged healthcare entities to adopt the protocol and plugged the organization’s DMARC set-up guide.

DMARC user and Aetna CISO Jim Routh explained that the suite of tools can help “prevent the worst type of malicious e-mail from using the most common tactic.”

[Also: Unsecured medical devices: Healthcare's new warning call]

Reitiner and Routh sounded the alarm after the GCA conducted research that found just six of the biggest 50 public hospitals and 22 of the top 48 for-profit hospitals are currently using the protocol and among those that have implemented it all but one have done so in a limited capacity.

DMARC is just one of the options, of course, and GCA’s research only looked at DMARC adoption so its statistics do not necessarily mean that hospitals are not using other tools to protect e-mail domains. 

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com

Like Healthcare IT News on Facebook and LinkedIn