Cyber-attacks like ransomwar and phishing are rising exponentially due to COVID.

It is now well established that the COVID pandemic has forced enterprises and institutes to embrace the new normal. As the coronavirus sent shockwaves across industries, nations and governments, impacting every individual, it also became an opportunity for cybercriminals. From phishing attacks on WHO and US Centers for Disease Control and Prevention (CDC) to EHR snooping, malware by Russian-language cybercriminal forum XSS to infodemic, such instances took a heavy toll on several industries and people likewise. Even VPNs and Wi-Fi evolved as a new set of targets. Earlier this year, INTERPOL had issued a warning to organizations at the forefront of the global response to the COVID-19 outbreak about ransomware attacks designed to lock them out of their critical systems in an attempt to extort payments. According to the Federal Trade Commission, by mid-August 2020 there had been more than 172,000 fraud reports related to the pandemic itself, at the cost of about US$114.4 million.

Why Healthcare is the target?

One of the main victims of this nefarious activity is the healthcare industry. Cybercriminals are launching Covid-19-themed attacks, now and then, in the form of phishing emails with malicious attachments that drop malware to disrupt systems or steal data and credentials. Once the data from healthcare organizations is breached, it may affect the lives of many patients and also hamper the drug discovery process too. Every developed nation has observed unsurfaced targeted efforts against the healthcare, pharmaceutical, academic, and research industries tasked with providing uninterrupted patient care to infected people and in COVID vaccine research. While it is understandable that healthcare resources have now shifted to focus and budget on their primary role, one cannot afford to ignore the vulnerability due to COVID. According to one estimate, health systems put only 4% to 7% of their budgets toward cybersecurity – which is 2x to 3x less compared to other sectors that also handle highly personal data. This is why COVID related cyber threats have caught many healthcare officials off-guard. So, investing in security and privacy though adds burden on scarce resources, it has become crucial, if not mandatory.

Meanwhile, the Department of Health and Human Services reported a nearly 50% increase in the number of healthcare-related cybersecurity breaches, with 132 reported incidents that targeted network servers, desktop and laptop computers, email and electronic medical record (EMR) systems. This is only the statistics of the first half of the year. Meanwhile, the announcement by Office of Civil Rights (OCR) exercised enforcement discretion about not impose penalties for non-compliance with HIPAA regulations against providers leveraging telehealth platforms that may not comply with privacy rules, during the pandemic mayhem, encouraged more cybercrimes.

Leading the example

UK's National Cyber Security Centre (NCSC) recently revealed that the cyber arm of GCHQ (Government Communications Headquarters) had handled more 200 cyber incidents related to COVID and coronavirus during the course of this year in its Annual Review 2020 report. This is almost a third of the total number of incidents it was called in to help with over that period. NCSC also secured NHS (National Health Service) from cyber-attacks by performing threat hunting on 1.4 million NHS endpoints in an effort to detect potentially suspicious activity and scanning over one million NHS IP addresses to detect cybersecurity weaknesses. NCSC also helped roll out Active Cyber Defence services, including Web Check, Mail Check and protective DNS, to 235 front-line health bodies across the UK, including NHS Trusts to help protect them against phishing attacks and other threats.