The risk of a cyberattack is increasing as a result of the coronavirus disease 2019 (COVID-19) pandemic. Many of these attacks are targeting the IT systems of healthcare facilities and often take the form of ransomware. Organizations can mitigate these threats by implementing critical security controls. And there’s no time like the present for IT security.
What Is Ransomware?
Ransomware is a type of malware that threatens to perform some action, such as publishing a victim’s data or blocking access to it unless a ransom is paid. Most ransomware is essentially a bluff, as tech professionals can often correct the vulnerability without paying the ransom. However, sophisticated ransomware encrypts the victim’s files and offers to provide the decryption key in exchange for the ransom.
An effective ransomware attack has two primary requirements. The first is that the cost of decrypting the files without the key costs more than the ransom. The second requirement is that tracing the ransom payment must be impractical, which generally means it must be made via cryptocurrency, such as Bitcoin or Ukash.
Cyberattacks Targeting Healthcare During the Pandemic
In mid-March, the Department of Health and Human Services was challenged by a targeted cyberattack. Hackers were not able to penetrate the network or slow service, despite millions of malicious hits. But it was a warning to medical and healthcare organizations about the additional threats they currently face.
Vigilance, constant monitoring, and risk-based security programs are required to protect vital sources of information and sensitive data in times like this. In fact, an HHS spokesperson explained, “Early on while preparing and responding to COVID-19, HHS put extra protections in place.”
The ransomware attack on Hammersmith Medicines Research in the U.K. is another related to the COVID-19 outbreak. The London-based company was conducting clinical trials on a new treatment for COVID-19 when the disease first began to spread in the U.K. Hackers were able to encrypt thousands of patient files and threatened to publish them online unless Hammersmith failed to pay a ransom.
Managing Director Malcolm Boyce contacted the police instead, and his IT staff worked around the clock to mitigate the damage. They also implemented multiple security applications to improve their defenses. Boyce adds that his company has recovered and is now operating normally after the setback.
Get more information about Avoiding HIPAA Violations with Telehealth During the Pandemic.
Malicious Attacks Are Opportunistic
Healthcare organizations make attractive targets for hackers because a successful attack prevents healthcare providers from accessing electronic medical records, including medical histories and prescriptions. This problem has particularly severe consequences during an epidemic since it can result in fatalities that would not otherwise have occurred.
Time constraints, lack of a plan or capacity for an organized response, and political pressure results in some health organizations paying the ransom. This is exactly what the hackers are counting on. They also prey on users panicked search for information. One newsworthy example includes hackers using map trackers of the infectious coronavirus to spread malware to users.
Key Security Controls for Healthcare
Cyberattacks aren’t new in healthcare, but the COVID-19 epidemic has resulted in a dramatic rise in both the frequency and severity of threats. The latest attacks are also more sophisticated and organized, illustrating the need for greater security readiness in healthcare.
The ISO 27001 standard on cybersecurity describes many practices that are necessary for an effective information security program. Furthermore, the selection and implementation of controls should be based on the specific risk assessed by each organization. Nevertheless, some security controls are generally more important than others for health organizations needing to mitigate risk during the COVID-19 outbreak.
For example, the configuration and hardening of computer systems is particularly beneficial for organizations looking to strengthen their defenses. A system’s unexpected deviation from its baseline configuration is often an indication that it’s been compromised. Not only does this control make systems less vulnerable to attack, it also serves as a starting point for implementing a change management program in security.
Centralized Security Monitoring
Centralized collection and monitoring of security events is another control that warrants greater emphasis in healthcare. This control provides an organization with a more accurate vision of its own IT environment. The ability to detect and respond to policy violations and outright infiltration attempts is essential for preventing successful attacks.
Many attacks succeed by exploiting vulnerabilities that administrators can easily eliminate by simply applying a security patch, which is a practice that some health organizations overlook. While not every patch needs to be applied at all, a rigorous vulnerability management program should include applying all security patches as soon as they become available.
Monitoring Data Movement
The need to monitor and restrict the distribution of data in a computing system is also important for preventing data breaches. This is especially true when data leaves the system, whether it’s transported through a network or on removable media. An organization with these security controls in place can still detect and block attempts to exfiltrate data, even when the attackers bypass other security controls.
Get more information about our Remote IT Security Assessment & Compliance Attestation Services.
Be Confident About Your Organization’s Network Security
I.S. Partners uses a combined control model to implement cost-effective security solutions for the real world. We also provide the technical expertise needed to achieve a clean security audit and make recommendations for improvements. For more information, check out our Pandemic Planning Services for organizations. Call us today at 215-675-1400 or visit us online to request a quote.