Emotet, one of the world’s most disruptive threats, has reemerged after a lull around Christmas. According to the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), Emotet is a sophisticated, costly, and destructive Trojan. Those within the pharmaceutical industry, and healthcare in general, must remain on high alert and use HIPAA compliant email when sending and receiving emails.
CISA states that Emotet functions as a “downloader or dropper” of other malware. Once in a system, Emotet can infiltrate an entire network, steal sensitive information, disrupt operations, and harm an organization’s reputation. Emotet was first reported in 2014 infecting organizations in the banking industry, transforming into a general-purpose malware currently setting its sight on the pharmaceutical industry. The primary threat actor behind Emotet, TA542, has a massive sending infrastructure. It uses social engineering, spamming, credential stealing, email harvesting, and attachment downloading to infect and spread rapidly. Emotet accounted for 11% of all malicious payloads during the first quarter of 2019 from its campaign in July 2019 alone. On January 13 this year, the campaign reemerged after its hiatus, focusing on the pharmaceutical industry in the U.S., Canada, and Mexico and sending nearly 750,000 emails, the largest seen since April 2019. By the next day, 12 additional countries and multiple other industries were added as targets. In the past, Emotet has sent a record 100 million messages in one day, indicating the extent of damages organizations face from Emotet this year.
Finally, each time a new threat emerges, organizations must update employee awareness training; for Emotet, customize modules to address spotting and avoiding malicious emails. Related: Recognizing and Blocking a Malicious Email Stay on top of cybersecurity news as the only way to protect your organization from future attacks is by having a solid security program and strong, up-to-date employee training.