Lessons from the biggest email-driven cyberattacks of 2022

2022 has been a rollercoaster ride for those in the cybersecurity industry with major email-based attacks dismantling business operations and jeopardizing reputations. 

Cybercrime is a lucrative and continuously evolving business that impacts companies of all sizes as sophisticated threat actors continue to exploit email vulnerabilities for financial gain. This year alone, email-driven cyber-attacks have skyrocketed. Email is the entry point for most ransomware attacks, which have spiked a nearly 13% increase equal to the last five years combined. With such a drastic increase, companies continue to fall victim to cyber-attackers by failing to implement proper email security. 

Let’s dive into the biggest email-driven cyberattacks of 2022 and the lessons they offer to enterprises. 

Reflecting on three of the biggest email-driven cyberattacks of 2022

  1. In March, Horizon Actuarial disclosed a data breach that affected over 1 million customers of the group’s healthcare and benefit plans. Through a ransomware attack, cybercriminals stole personally identifiable information (PII) including names, dates of birth, Social Security numbers and health plan information, from over 33 organizations. Following its notice, a lawsuit pointed to Horizon Actuarial’s alleged lack of preparedness as well as the significant time it took to inform individuals affected by it. 
  1. In April 2022, Baptist Medical Center experienced a cybersecurity incident that affected approximately 1.2 million patients. An investigation revealed that an unauthorized party had infected the hospital network with malicious code, removing data including Social Security numbers, health insurance information, medical record numbers, dates of service, provider and facility names, addresses, birth dates, reasons for visit, procedure information, account or claim status, and billing and diagnostic codes. A lawsuit alleged that the breach resulted from negligence to implement proper technical safeguards to prevent security incidents. 
  1. In June, Flagstar Bank, one of the largest financial service providers in the United States, reported a data breach that compromised the Social Security numbers of 1.5 million customers. The attack was the second incident in just two years, and it took Flagstar over six months to detect the breach. 

What we can learn from these breaches 

The healthcare and financial services industries continue to be top targets of cyber-criminals and this trend will undoubtedly continue throughout the remainder of the year. Breaches can lead to bad publicity, damaging a company’s reputation and resulting in expensive lawsuits, as is evidenced by the Horizon Actuarial data breach. 

The Flagstar Bank data breach showcases that being a victim of a breach does not prevent subsequent breaches, despite what many companies might think. Almost all companies who fall victim to ransomware attacks attempt to minimize these attacks before having to come clean.  

The last thing to note is that many smaller businesses are just as appealing a target as large enterprises, especially when they don’t have the resources to protect themselves. Investing in email security is crucial for businesses of all sizes, locations, and industries. 

Predictions for the remainder of 2022 

With increasing numbers of ransomware attacks and instability across the world, economic, political and climate uncertainty will manifest as themes in email attacks. The United States 2022 midterm elections will surely be a major opportunity for threat actors, whether it be targeting campaigns, voters, or parties. Data from the FBI shows Business Email Compromise now costs organizations $43 billion per year – by far the costliest and most dangerous cybercrime for businesses. 

As more legitimate domains are protected by DMARC, abuse and impersonation attacks from lookalike domains will continue to increase. As a result, the attack surface is expanding faster than prevention security and the demand for increased digital brand protection will grow. We’ll likely see more discussion about the “attack surface “as part of digital brand protection going forward. 

According to research, cyberattacks have increased 50% year-over-year, with each organization facing approximately 925 cyberattacks per week globally. With such a drastic increase and looming danger, companies that fail to implement proper email security protocols will continue to fall victim to cyber attackers. Although there is no right way to cope with a cyberattack, companies can take action by incorporating the necessary security measures to avoid the threat in the first place.

Strengthen your organization against cyberattacks with the Red Sift platform 

At Red Sift, we enable security-first organizations to successfully communicate with and ensure the trust of their employees, vendors, and customers. Our portfolio includes a number of gold-standard email and domain protection products: OnDMARC and Brand Trust. These are designed to work in unison to block outbound phishing attacks and provide domain impersonation defense for company-wide threat protection.

Red Sift find out more

PUBLISHED BY

Brian Westnedge

23 Aug. 2022

SHARE ARTICLE:

Categories

Recent Posts

VIEW ALL
News

Winter wins: Red Sift OnDMARC wraps up 2024 as a G2 DMARC…

Francesca Rünger-Field

The season of giving has brought us another reason to celebrate! Red Sift OnDMARC continues its winning streak in G2’s Winter 2025 report, earning Leader status in the DMARC category for another consecutive season. This recognition reflects our strong market presence and the unwavering satisfaction of our customers. Cheers to wrapping up 2024 on…

Read more
AI

Text classification in the age of LLMs

Phong Nguyen

As natural language processing (NLP) advances, text classification remains a foundational task with applications in spam detection, sentiment analysis, topic categorization, and more. Traditionally, this task depended on rule-based systems and classical machine learning algorithms. However, the emergence of deep learning, transformer architectures, and Large Language Models (LLMs) has transformed text classification, allowing for…

Read more
Security

How to drive cybersecurity as a top business priority

Jack Lilley

Everyone has a role to play in protecting the enterprise. Whether you’re shaping strategy or implementing solutions, aligning efforts to mitigate critical risks ensures a stronger, more resilient enterprise. If you missed Red Sift’s recent webinar on “From Data to Buy-In: Driving Cybersecurity as a Top Business Priority” we’ve got you covered. The session…

Read more
DMARC

BreakSPF: How to mitigate the attack

Red Sift

BreakSPF is a newly identified attack framework that exploits misconfigurations in the Sender Policy Framework (SPF) a widely used email authentication protocol. A common misconfiguration involves overly permissive IP ranges, where SPF records allow large blocks of IP addresses to send emails on behalf of a domain. These ranges often include shared infrastructures like…

Read more