While the world continues to deal with a new reality full of face masks and working from home amid the COVID-19 Pandemic, healthcare workers are working hard to take care of those directly affected by the virus. As healthcare facilities across the globe care, not only for Coronavirus patients, but their usual patients as well, the lives of these medical professionals are made even more difficult by malicious cybercriminals.
The medical field is often a target for cybercrime, experiencing an increase in cyber attacks of 60% from December 2018 to September 2019 alone. Eighteen percent of all data breaches in 2019 hit the healthcare sector, the highest out of any industry. However, during this far more stressful time for the healthcare industry, cybercriminals are upping their game and striking with an even greater fury.
The Cyber Threats
Virtual Patient Meetings — Though many of us do not leave our homes often if at all as of late, this does not mean that some of us do not still need the advice and help of medical professionals. For many patients, the route of virtual doctor’s visits has become a happy medium to getting the help they need without being put at risk of catching the virus. Though this may be a convenient method to meet, it also presents a major vulnerability to a hospital’s networks. Telehealth has been an option provided by many healthcare professionals for a number of years now, however, with the COVID-19 pandemic, these services have become far more utilized than ever before, in a way which many systems were not prepared to face. Privacy implications for patients and doctors or nurses who work remotely are at a heightened risks due to the insecurity of remote connections.
Vulnerability of Temporary Facilities & Medical Devices — Hospitals are in dire straits and many have had to create ad hoc, temporary facilities to deal with the influx of patients. While this is absolutely necessary for many hospitals to deal with the need for increased capacity, these impermanent provisions present incredibly difficult cybersecurity threats. These facilities sit outside of both the physical and digital protections of the typical hospital operations. Because of this, many IoT devices are connected to less-than-secure Wi-Fi networks and are utilizing a remote approach to feed information back to hospital networks.
Phishing Scams — The WHO has reported that cyberthreats have doubled since this pandemic began and the most prevalent attack seems to be phishing emails. Google stated earlier this month that its cyber teams have been blocking 18 million COVID-19 spam or phishing emails per day The objective of malicious actors who send such emails is to take advantage of lax cybersecurity defenses to access either victim financial information, personal information, or network access, particularly for businesses and establishments. This is also often the way in for many hackers to attack a system with ransomware.
Ransomware — A Colorado hospital was hit by a ransomware attack in April of 2020, just as the current health crisis began to peak in the state. The attack “rendered inoperable” the Pueblo, CO hospital’s systems for saving and storing patient PII (personally identifiable information), forcing the establishment to revert to utilizing only paper forms, a much less efficient and modern process. This particular medical center ended up working with third-party investigators and paying the ransom as a means of mitigation, but this incident is a signal to many other medical facilities the real threat of people trying to take advantage of hospitals being overwhelmed with an influx of patients.
Cybercriminals are taking advantage of the heightened state of panic and confusion as hospitals in particular are stretched to far beyond their capacity. Because of this, cyber-defenses are more important now than ever before.
Increase cybersecurity defenses — Ensure that current software systems are updated and secure. On top of this, the threats posed by home-based employees, physicians, and patients requires for an increase in defenses. Emphasize the importance of keeping cybersecurity reasonably toward the top of mind while operating during this crazy time. If internal IT teams are overloaded beyond realistic capacity, utilize local and trusted cybersecurity companies to strengthen your defenses in order to prevent cyber-risks from entering your networks.
Secure temporary networks as though they were permanent — One of the biggest threats to hospitals right now lies within their temporary facilities. Though necessary, these facilities present incredibly risky vulnerabilities to patients and hospitals alike. Utilization of strong firewalls and cybersecurity best practices for these temporary centers is key to not allowing these vulnerable areas to become an entry point for malicious actors.
Stay up-to-date on emerging cyberthreats — Pay attention to statements from the CDC, WHO, and other reliable news sources regarding emerging and growing cyberthreats, particularly related to the Coronavirus, in order to know what you and your facility may be up against. Medical professionals, hospital staff, and patients should continuously be educating themselves and others regarding the current threats in order to be better prepared to combat them. In particular, being on high alert for suspicious phishing emails is essential.
The Bright Side
While there are these malicious actors out there trying to do harm to the healthcare industry, this situation has also brought out the best in cyber-savvy folks who want to use their knowledge for good. Multiple volunteer coalitions have been forming across the world made up of cybersecurity experts who have banded together to protect hospitals and healthcare facilities against cyber attacks. One such group, self-dubbed COVID-19 CTI League, has spoken out saying that though nothing major in terms of target attacks on the medical field have happened yet during COVID-19, they believe and hope that this is due to the proactive efforts of their group and groups like them. In March, the group managed to work in tandem with local medical teams to detect and secure over 2,000 system vulnerabilities in healthcare organizations.
Image by Freepik