By Claire Umeda
Worldwide, healthcare organizations are increasingly strained as they respond on the frontlines to the coronavirus (COVID-19) pandemic. In the midst of this public health crisis, cyber-attacks in the healthcare sector increased by 150% during the last two months alone. As more fear and uncertainty spread, bad actors will continue to exploit vulnerable people and organizations, including our healthcare infrastructure. Looking ahead, there are simple steps that individuals and businesses can take to mitigate cybercrime.
Why is the healthcare industry a big target?
There are many reasons why cybercriminals attack this sector, most notably for its treasure trove of sensitive medical data. The personal nature of Protected Health Information (PHI) makes this type of data highly profitable in underground markets. Oftentimes, sensitive and personally identifiable information (PII) such as social security numbers, family names, home addresses and payment and insurance details, along with patient health conditions, issues and medications, is included in healthcare breaches. Patient information is usually kept up-to-date and cannot be changed or replaced like financial data, where you can get a new bank account or credit card.
Because medical records don’t change, medical data sells at a higher price in underground markets than typical financial data. Cybercriminals can sell credit card information for around $100, whereas full medical records – which contain dates of birth, credit card details, and social security numbers – can sell for up to $1,000, according to the cybersecurity company Bitdefender.
More often than not, hospitals and physicians are unprepared to deal with cyber threats, ranging from ransomware incidents to accidental exposure. Due to a lack of training and resources, it’s possible for medical professionals to inadvertently expose data. This lack of preparedness affects health entities of all sizes, so it’s not just the large organizations that are at risk. Smaller organizations generally have outdated security postures because they allocate fewer resources to cybersecurity. They are attractive targets because they provide cybercriminals access to larger enterprises through methods like island hopping.
Given that the industry is constantly evolving and moving toward digitalization, we are seeing attacks on healthcare organizations increase.
Cybercriminals are already exploiting the coronavirus
Although some threat actor groups pledge not to target healthcare organizations during this pandemic, this does not hold true for all cybercriminals, as evidenced by the recent Hammersmith Medicines Research cyber-attack.
In our current climate, online scammers are spoofing credible health organizations and experts, even targeting highly affected areas of the world, including Italy. As such, the World Health Organization (WHO), Federal Bureau of Investigation (FBI), and the Federal Trade Commission (FTC) have published coronavirus scam warnings (the FTC even published a follow-up alert not long ago, showing this problem persists).
Although some phishing scams are more deceptive than others, it does not take an expert to identify a suspicious email or phone call. For instance, have you ever received a threatening call from the “IRS”? What about a message letting you know that your student loan forgiveness program is ending abruptly? The bottom line is that you should always be leery of unsolicited calls or emails, especially when the messages request your personal or financial information. Further, ask yourself: Is this email poorly written? Does the sender look genuine? Is the message pressuring me into performing some sort of action? Is the email fear-inducing? If you have any suspicions at all, don’t take any chances – report the email.
It is encouraging to see the national media attention on these scams in recent weeks. It is on all of us to remain vigilant to safeguard our personal and organizational data from these types of attacks. If there’s any silver lining to extrapolate, I am hopeful that the lessons learned from this situation will better prepare us all for phishing attacks moving forward and could prevent future data loss.
How can we prevent these cyber-attacks?
Simply put, addressing these cyber threats begins with awareness. Understanding that bad actors will exploit a global crisis is important. From there, taking a basic cybersecurity training course and following best practices can go a long way. Following basic security guidelines requires common sense, and unfortunately, during this vulnerable time when hysteria rules the day and people consume as much information as possible, we’re more likely to click on malicious links or attachments. This is why remaining calm and vigilant is so important.
In the healthcare industry, the consequences of an attack are elevated and go beyond just the financial or reputational risk. My firm, 4iQ, has partnered with other leading cybersecurity companies to create The C5 Alliance – with the goal of tackling issues arising from this pandemic. As part of this partnership, 4iQ is offering free domain monitoring services to healthcare organizations.
As individuals, we must adhere to basic personal and cyber hygiene guidelines. Businesses have a responsibility to educate employees and do their part in preventing this novel virus from spreading further, which may mean standing on the front lines of the global cyber war. Cybersecurity may not be a top priority for many right now, but staying alert and recognizing suspicious activity are essential on this road to recovery.
Claire Umeda is Vice President of Marketing at 4iQ, where she leads go-to-market strategies, product marketing, sales enablement and brand management. Prior to joining 4iQ, Claire held senior and executive marketing and product positions for startups in the security, communications, data management and social gaming spaces.