From Hurricane Katrina to earthquakes in Japan, cybercriminals have long used crisis situations to further their own agendas. Regrettably, the COVID-19 pandemic is the latest to be exploited with organisations across healthcare industries – from hospitals to clinics, laboratories, and pharmacies – now finding themselves in the crosshairs.
In recent months, there have been numerous cyberattacks on these organisations around the world. Given that this pandemic will likely continue for some time, these threat actors will likely continue to exploit the situation.
A report by Kaspersky in 2020 states that according to public sources, 10 per cent of all organisations hit by targeted ransomware between January and September 2020 were hospitals and other medical institutions. Furthermore, 2020 also saw the first confirmed case when a patient died due to delays in receiving emergency care after medical equipment was infected by ransomware.
Lucrative industry
Our research into underground forums has shown that medical records are sometimes even more expensive than credit card information. This can partly be ascribed to how it opens potentially new methods of fraud: armed with someone’s medical details, it is easier to scam the patient or their relatives. Additionally, the number of attacks on medical facility devices in countries that are just starting the digitalisation in the field of medical services will continue to grow. It is especially hospitals in developing countries that will be targeted. And the pandemic has put renewed attention on this.
Today, cybercriminals are usually looking to gather sensitive or scientifically significant information and either hold it for ransom or sell it on the black market. State actors have also launched attacks against healthcare organisations for purposes of intelligence gathering. But regardless of the reason, it is important that these healthcare organisations practice increased vigilance because any type of attack could interfere with them being able to provide critical care for their patients.
Continuity of operations and data protection is extremely critical for healthcare organisations. This is more so the case today with the sector under extreme pressure. For hospitals and medical institutions, it is important to ensure the stability of medical equipment and that data is constantly available for personnel, while also protecting the privacy of their patients’ critical information.
The reality is that hospitals and research labs generate and house assets that have a high value not just for stakeholders, but cybercriminals as well. Disruption to healthcare services may have a devastating impact on patients’ health and the ability for healthcare workers to carry out their roles effectively. Furthermore, a cyberattack, regardless of its nature, will damage credibility if disclosed to the public.
Best practice
There are several cybersecurity best practices available that healthcare organisations must adopt if they are not doing so already.
Schedule basic security awareness education for both medical personnel and administration employees that cover the most essential practices such as passwords and accounts, email security, use of USB devices, PC security, and safe Web browsing. Healthcare providers should also review their existing cybersecurity solutions and ensure they are up to date, configured properly, and cover all employees’ devices. Even something as basic as using a firewall can make a massive difference to the environment.
Facilities must ensure all medical devices are properly configured and updated, such as ventilators. If there is a chance that the number of such devices increases rapidly, they should develop a dedicated procedure to quickly install and configure all new devices, safely. Some hospitals have had to urgently hire new staff. This means an increase in the number of endpoints that must be protected.
The rapidly evolving market today means that no healthcare organisation can be considered safe from a cyberattack. It is, therefore, critically important that they embrace a more security-conscious approach to operations.
Amir Kanaan
This article appears in the latest issue of Omnia Health Magazine. Read the full issue online today.