A little over a year ago, in mid-2019 B.C. (before COVID-19), we published an article on healthcare cybercrime, that discussed how the digitization of protected healthcare information (PHI) and personal identifiable information (PII) puts the information you manage in peril. But since the coronavirus pandemic, cybersecurity has become a more “clear and present danger” for healthcare.
The litany of potential cybercrimes hasn’t changed much, but the nature, frequency and severity have increased because of COVID-19, causing more reasons to recognize the cybercrime quickly and try to limit the damage.
There are a number of coronavirus-based changes in how and where we work.
These eight paradigm shifts are putting immense pressure on healthcare cybersecurity operations:
- Many employees are working from home. To avoid exposure to COVID-19, a vast number of healthcare and other companies are asking employees who can work from home to do just that. However, working remotely definitely does not mean working securely. People do not have the same level of anti-hacking network and VPN (virtual private network) security that protects them in their offices, which increases vulnerability to cyber threats. The World Economic Forum says that, “As organizations are making extraordinary efforts to protect their workers and serve their customers during the pandemic, exposure to cyberthreats is increasing significantly...Working from home has opened multiple vectors for cyberattacks through the heightened dependency on personal devices and home networks.”
- Organizations are having more and more online conference calls. “Zoom has quickly become the video meeting app of choice,” reports CNET. “And with that popularity, privacy risks are extending to a greater number of users. From built-in attention-tracking features to recent upticks in ‘Zoom-bombing’ (where uninvited attendees break into and disrupt meetings), Zoom's security practices have been drawing more attention.
- Lack of time and personnel has caused healthcare organizations to use added third-party vendors. To support your ongoing operations, you may be turning to such outside vendors as: document storage companies (both digital storage and hard copies); document shredding companies; payment processors (such as billing, claims handling or debt collection on your behalf); CPAs; accreditation and compliance organizations; and many more. You have to ask yourself how much these vendors put your patient security at risk during the pandemic.
- Hackers are taking advantage of the pandemic to fuel ransomware attacks and phishing schemes. COVID-19 uncertainties are helping these crooks breach systems, steal data and profit by holding both systems and data hostage. “Their objective is clear—hit organizations when they’re most needed and they’ll likely pay (and pay quickly!) for decryption keys because lives are at stake,” says Security Boulevard.
- The fast-moving needs for interoperability and sharing of protected health data during this crisis puts patient information at risk. Patients want their healthcare information to stay private. Healthcare provider organizations want to keep patient data secure. The hasty rush of COVID-19 cases is putting these two objectives at odds…and risking security.
- Healthcare organizations have been embracing cloud hosting at breakneck speed, without proper due diligence. This could well set the stage for a “cyberpandemic,” reports Healthcare IT News. “The COVID-19 pandemic is spurring adoption of cloud services across all industries as they rapidly pivot to support remote work and collaboration. This is particularly true for healthcare providers at the front line as they leverage remote access and cloud analytics to scale operations… leaving business leaders and security professionals tasked with protecting an attack surface that to date has been uncharted.”
- The rapidly increasing number of people testing positive for COVID-19 has made telehealth mandatory in many cases. The American Hospital Association related that, “On March 17, 2020, HHS granted permissionfor providers to use every day, non-public facing technologies, such as FaceTime or Skype, during the COVID-19 public health emergency… The exercise of these capabilities during this national emergency will no doubt demonstrate the value of telehealth as a fundamental component of care delivery.”
- From the point of view of social engineering, the panic has been a key way for bad actors to capitalize on the situation. Many of the phishing campaigns have targeted hospitals, manufacturers of medical equipment, and health insurance companies. “Attackers have taken advantage of the shortages of medical equipment and supplies, gaining traction amid the misinformation and fear,” reports Dark Reading (one of the most widely-read cyber security news sites on the web). “Most of the attacks we've seen during the pandemic are being delivered via email, so typically they are mass spam campaigns. In fact, in March alone, FortiGuard Labs recorded a 131% increase in viruses — no surprise given that email attachments contain infected and malicious content.”
Here’s how your healthcare organization can improve cyber defenses during and after this pandemic.
According to one cybersecurity firm the best practices are no secret.
- Use multi-factor authentication (MFA) whenever possible. It increases security when logging in to accounts. It simplifies the log-in processes for your healthcare staff. It enhances productivity for help desk teams who implement these tools to employees. It helps companies to meet regulatory compliance requirements. Most importantly, it will end up blocking 99.9% of automated attacks. In essence, multi-factor authentication (MFA) software secures users’ accounts by requiring them to prove their identity in two or more ways before granting access to accounts.
- Procure software—such as your VPN service—that includes MFA. Secure browsingwith privacy and encryption. Encrypt your data, hide your online activity, and stream from virtually anywhere with a VPN connection from virtually anywhere with a VPN.
- Keep your systems up-to-date. Promptly download and install all software and firmware updates.
- Backup important data regularly. Backing up data will help you recover lost, damaged or stolen/hacked data; protect against system crashes; help if deployment goes wrong; and clean system of a deadly virus.
- Make sure you store mission-critical data is on an air-gapped device to secure other computers. An air gap, air wallor air gapping is a network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks, such as the public internet or an unsecured local area network. Air-gaps segment your backups and networks and isolate them from each other. This strengthens data security from a ransomware attempt and also enables regulatory compliance.
- Triple check that configurations on cloud servers are set correctly.
- Limit BYOD (bring your own device) unless it has been thoroughly checked and approved by your IT department. A safer path is to supply secure, work-only digital devices.
- Limit credentialed access to servers, and tier access to need-to-know or need-to-use.
- Drill your employees on the prevalence and danger of phishing emails.
- Create a company-wide protocol for cybersecurity. It all starts with having the right cybersecurity technology. Healthcare organizations need advanced tools for blocking and identifying phishing attempts, blocking malware from entering the network via email and drive-by-downloads, and anti-ransomware capabilities for identifying abnormal application behaviors before they can take root on a device or across the network.
- Establish thorough and detailed policies. These should include the communication and collaboration systems which are appropriately protected and secured for use (and those which are not), security tools that must be used (for perimeter, endpoint, and data protection), security practices that must be followed (such as keeping systems up-to-date), and acceptable and unacceptable use of corporate resources and personal devices connecting to the
During this pandemic, you need to have Blue Eagle Consulting on your side.
Blue Eagle Consulting’s training/consulting experts help your organization through every phase of your COVID-19 cyber defense and cyber security efforts, from auditing your current situation and recommending the appropriate security tools to reviewing policies and encryption to training your staff.
According to Forbes, “The post-Covid-19 era will make changes in what we expect in any software solution. As we are all thinking about safety and soundness, social distancing in one way or another will be the new norm. The way we interact using virtual reality, 3D modeling and contactless, frictionless design will shape everyday life.”
We can add resources as soon as possible. If you have current or future needs that we can help fill, simply call us at 1 (866) 981-1095 or email firstname.lastname@example.org.
To download the PDF version of this article, click here.