Covid-19: Hospitals, WHO face cybersecurity threats
Hospitals across the world and healthcare institutions such as the World Health Organisation (WHO) are particularly vulnerable, and may be facing threats from cybercriminals, as the Coronavirus episode continues to unfold, Costin Raiu, Director of Kaspersky’s Global Research and Analysis Team (GReAT), revealed this week.
Malicious attackers are seeking to take advantage of the crisis situation by launching new coronavirus-related attacks, and unfortunately, healthcare organisations and hospitals — which are at the centre of the fight against the COVID-19 pandemic — can find themselves in the crosshairs, he said.
“Cybercriminals have long used crisis situations to further their own agendas, and the COVID-19 pandemic is no exception and in the past, we’ve seen similar situations with Hurricane Katrina and the earthquakes in Japan,” Raiu added.
“When it comes to the targeting of healthcare organisations, cybercriminals are usually looking to gather sensitive or scientifically significant information and either hold it for ransom or sell it on the black market, he pointed out.
“In particular, holding data for ransom is an unfortunate outcome we've seen with many hospitals in the past. State actors have also launched attacks against health institutions for purposes of intelligence gathering,” he explained.
“Regardless of the reason, it’s important that these healthcare organisations practice increased vigilance because any type of attack could interfere with them being able to provide critical care for their patients."
Raiu, who has over 24 years of experience in anti-virus technologies and security research, recommends the following specific steps these institutions can take to mitigate their risk. These include:
- Installing all security updates as soon as they appear. Most cyberattacks exploit vulnerabilities that have already been reported and addressed, so installing the latest security updates lowers the chances of an attack.
- Protecting remote access to corporate networks by VPN and use secure passwords for domain accounts.
- Always updating your operating system (OS) to eliminate recent vulnerabilities and use a robust security solution with updated databases.
- Have fresh back-up copies of your files so you can replace them in case they are lost (e.g. due to malware or a broken device), and store them not only on a physical medium but also in the cloud for greater reliability.
“Remember that ransomware is a criminal offence, and therefore you shouldn’t pay a ransom. If you become a victim, report it to your local law enforcement agency. Try to find a decryptor on the Internet first,” he advised.
Some of the decryptors are available for free here: https://noransom.kaspersky.com
Educating employees about cybersecurity hygiene is necessary to prevent attacks from happening in the first place. Kaspersky Interactive Protection Simulation Games offer a special scenario that focuses on threats relevant to local public administration, Raiu said.
Others recommendations include:
- Use a security solution for organisations in order to protect business data from ransomware. Kaspersky Endpoint Security for Business has behaviour detection, anomaly control and exploit prevention capabilities that detect known and unknown threats and prevent malicious activity. A preferred third-party security solution can also be enhanced with the free Kaspersky Anti-Ransomware Tool.
“Moreover, many security companies these days are volunteering to help healthcare organisations fight these cyber threats. We at Kaspersky offer free access to our B2B products to healthcare institutions and call representatives of this industry to tell them how they can receive this protection,” Raiu concluded.