Healthcare Cybersecurity During the Pandemic
A commanding 94% majority of respondents to a new Black Hat survey says the pandemic has increased cybersecurity threats to enterprise systems and data. The healthcare field has been no exception. According to a statement issued by global technology company Acronis, cybercriminals “will target the government agencies, healthcare facilities and medical professionals treating patients during the COVID-19 crisis,” after it found a surge in ransomware detections.
Phishing attacks, in which emails disguised as coming from a genuine source aim to trick recipients into providing personal details or clicking on a link that allows attackers to steal credentials, have increased since the pandemic began.
Despite certain hacker groups stating their intent to refrain from targeting healthcare organizations for the duration of the COVID-19 crisis, publicly reported cyber-attacks in March 2020 included a ransomware attack on the Champaign-Urbana Public Health District in the United States, and the downing of critical systems at Brno University Hospital in the Czech Republic. In addition, attacks against the World Health Organization have more than doubled while the U.S. Department of Health and Human Services was purportedly hit by an attempted DDoS attack.
While some activity can be attributed to cybercriminals motivated by profit who seek to exploit organizations with a weak security infrastructure, the targeting of healthcare agencies is also being carried out by Advanced Persistent Threat groups involved in cyber espionage. Media reporting indicates that proprietary information related to tests or vaccines would be considered highly valuable intellectual property to governments and businesses competing to find a cure.
The rapid rollout of telehealth services has prompted security experts to call the coronavirus crisis “blood in the water” for bad actors. “Any time you make a change to an IT environment, you have the potential to increase risk,” Andy Riley, executive director of security strategy at the managed-security-services vendor Nuspire, told Healthcare IT News. “When you introduce rapid change, that potential goes up rapidly.”
Health systems have rapidly rolled out technologies to provide broader access to care, sometimes neglecting security in the process. For example, iPads and other mobile devices need to be able to run a remote-triage tent, and administrators may not have considered tightening the controls.
According to Riley, medical devices “have long been problematic” in part because of their light operational footprint, which doesn’t allow for much security processing power. This can be especially troubling because of such devices’ proximity to patients and links to the cloud.
He also pointed to the relaxation of firewall rules to accommodate additional remote-work capabilities as a possible danger.
“Securing data and devices is a challenge at the best of times,” said Raja Bhadury, head of the care-delivery portfolio for healthcare at HP. “And now during this pandemic … when you have clinicians working in these novel ICUs that have been created in parking lots and convention halls, cybersecurity is a huge thing to watch out for.”
Contact Tracing Apps
The development of contact-tracing apps, too, has sparked debates around the best ways to protect patient privacy while promoting public health. Many people say they won’t use them despite efforts from lawmakers to try to ensure their safety.
The well-known Johns Hopkins University COVID-19 tracking map was replicated by attackers on another domain to spread information-stealing malware. Malware (‘malicious software’) can be installed to steal, encrypt or delete data, or to monitor and control the device. This makes such attacks a major threat to health and social care institutions.
In response to these attacks, the Cybersecurity and Infrastructure Security Agency (CISA) at the United States Department of Homeland Security (DHS) and the National Cyber Security Centre (NCSC) in the United Kingdom have jointly released advice. The NCSC report they produced found 555 malware distribution sites and 200 phishing sites associated with COVID-19.
Mitigating Cyber Threats
To reduce their risk of being attacked or hacked, healthcare facilities are advised to establish an anti-phishing strategy, which includes training employees to recognise malicious emails and sites, or using email systems with integrated anti-phishing solutions.
Additional advice includes using two-factor authentication where possible, unique passwords for different services and automatic system updates, as well as deploying ransomware protection and antivirus systems.
“Another effective way is to make public-facing websites static,” the global technology company Acronis advised. “Since some companies do not need complex content management systems on their websites, pre-rendered static pages are more secure.”
User monitoring applications are also becoming standard in many companies, particularly those handling sensitive software such as in the healthcare sector. This software monitors what users are doing while logged in remotely and helps to provide clear evidence and root causes during investigations of security breaches.
This software is often necessary for compliance and auditing purposes, as in the case of HIPAA medical regulations regarding the handling of patient records.