Anatoliy Babiy

2020 has been a rough year for everyone, from individuals to organizations. One sector that’s been hit especially hard is healthcare. Under pressure to help those afflicted with the coronavirus and work toward a vaccine, hospitals and healthcare facilities have also been hurt by cyberattacks that have threatened not just the data but the lives of patients.

SEE: Meet the hackers who earn millions for saving the web, one bug at a time (cover story PDF) (TechRepublic)

Unfortunately, 2021 is likely to see more of the same with a variety of threats and vulnerabilities affecting the healthcare industry. In a report released on Wednesday, security firm Kaspersky offers six predictions that will impact healthcare providers next year.

With the coronavirus pandemic in the spotlight, this year has seen healthcare become a popular topic for cybercriminals to exploit. To capture the attention of interested and anxious people, criminals have launched coronavirus-related emails with malicious attachments, devised phishing campaigns, and deployed targeted attacks. In many instances, email campaigns have spoofed healthcare organizations such as the WHO with promises of important information about the virus.

Cybercriminals also eagerly took advantage of the attempts to create a COVID-19 vaccine. In a campaign that surfaced this past summer, state-backed Russian hackers launched targeted attacks against pharmaceutical companies, healthcare facilities, and research centers all involved in vaccine development. With the announcement of certain COVID-19 vaccines awaiting approval in the US and elsewhere, attackers are likely to exploit the public’s desire for more details about these vaccines.

In the wake of the pandemic, certain criminal gangs such as DoppelPaymer and Maze promised not to target medical organizations. But other groups quickly took up the slack, so hospitals and healthcare facilities are far from immune to attack just because they’re battling a deadly disease. For 2021, Kaspersky’s crystal ball sees the following six security risks threatening the healthcare industry:

  1. Attacks against COVID-19 vaccine and drug developers and attempts to steal sensitive data from them will continue. The world is not only fighting the disease but witnessing a race between pharmaceutical firms in which any breakthrough will likely result in targeted attacks on the company that made it.
  2. In countries with highly developed public healthcare, organizations in the private medical sector, most of which are small and midsized businesses (SMBs), will face attacks. Protecting patient data and infrastructure is fairly expensive and thus difficult for SMBs to implement at the best of times, let alone during an economic crisis.
  3. Health-related cyberattacks will be used as a bargaining chip in geopolitics. The attribution of attacks entailing serious consequences or aimed at the latest medical developments is sure to be cited as an argument in diplomatic disputes.
  4. Next year will see a stream of reports about patient data leaks from cloud services. The transition of medical organizations to cloud infrastructures and their storage of personal information is already creating additional risks. Given Kaspersky’s correct prediction last year that interest in user health data would grow, healthcare institutions must devote serious energies to protecting their cloud infrastructures right now.
  5. Medicine as a bait topic will be with us next year and remain current at least until the end of the pandemic. The human factor is one of the most important components of many attacks, and information about new regulatory restrictions, potential treatments, and patient health will continue to attract user attention. Leaked medical records will also become part of the hook in targeted attacks because accurate patient information will make fake messages far more credible.
  6. The focus on digital security in hospitals offers hope that 2021 will be the year when cybersecurity and healthcare join forces. Past experience has shown that painful lessons such as the Wannacry epidemic in 2017 and the coronavirus pandemic in 2020 are the very thing that incentivizes organizations to pay more attention to infrastructure security.

“Medical organizations process a vast amount of highly sensitive data,” Maria Namestnikova, project manager for Kaspersky, told TechRepublic. “Previously this data was kept on paper, but now it’s all digitized and even put into the cloud. Most medical employees are not very experienced users of digital processes. In addition, organizations that make the software for those organizations are usually SMBs, so they don’t have enough resources to make software secure enough in addition to its main functions.”

To help healthcare organizations better protect themselves and their patient data, Namestnikova offers the following advice:

  • Software developed for an organization must be secure and should not be available to anyone via the internet just by searching for it. In addition, all software should at least be protected by a password, and certainly not the default one.
  • All employees of medical organizations must be taught the importance of keeping patient information secure. The human factor is one of the main vulnerabilities in any security system, so security awareness by employees is the first line of defense in keeping information safe.
  • The basic security rules for all companies apply to medical organizations as well. At a minimum, antivirus solutions should be installed on every machine. If the organization is large enough and has the required resources, more advanced measures must be taken, such as centralized policies and endpoint detection and response (EDR) on every endpoint.