Dr. Rachael Bailey, Healthcare IT Content Consultant at Atlantic.Net
As well as the huge disruption it has brought to our day-to-day lives, the COVID-19 pandemic has left businesses and organizations increasingly vulnerable to cyberattacks. As intellectual property becomes more valuable than ever and our reliance on healthcare technology grows, we have seen targeted attacks on healthcare organizations, including COVID research institutions. While advances in medicine and science put us on a path towards taming the pandemic, it seems inevitable that our “new normal” will remain with us for some time. As the global situation has highlighted our vulnerability to future pandemics and associated cyberattacks, we must take the opportunity to better prepare ourselves. In this article, we will discuss how businesses can predict and prepare for a rise in cyberattacks.
How Are Cybercriminals Exploiting the Pandemic?
While the healthcare sector has always been a prime target for cyberattacks, hackers are taking advantage of the current upheaval to exploit a global vulnerability. Healthcare organizations, academic institutions, and government agencies have become cyberattack targets at a time when they are already under great pressure. Indeed, the pandemic brings a unique set of cybersecurity challenges to the healthcare sector. Academics and scientists carrying out COVID-19 research are particularly susceptible to attack, as they collect valuable data on potential therapies and vaccines.
An increase in remote working and homeschooling has also provided new opportunities for cybercrime, with many employee endpoints lacking adequate security. Throughout the course of the pandemic so far, we have seen many incidents of coronavirus-related spam, phishing emails, and malicious domains.
How Can We Prepare for Future Cyber Pandemics?
While we will hopefully see an end to the current pandemic in the not too distant future, we will inevitably face similar health crises moving forwards. Our day-to-day lives have changed in many ways over the past year, with many of us working from home and using technology that we have never used before. We must now shift our focus to learning from our current situation and preparing ourselves for future attacks, but where do we begin?
Assess the security of remote workers
With remote working set to remain the norm for some time, the security of remote working should be a priority. The security protection of employee endpoints should be assessed, and appropriate anti-malware and anti-virus software should be deployed. Multi-factor authentication and remote wipe capabilities can also be established to protect end-user devices. Device hard drives should be encrypted with products such as BitLocker or PGP as a bare minimum. When using personal internet connections, remote workers should ensure that these are protected with a robust password and secured with WPA2 Wi-Fi encryption.
Strengthen security by using a VPN
The use of site-to-site or remote-access VPNs should be encouraged to encrypt traffic, enhance security and protect data for employee endpoints. The VPN creates a secured tunnel that connects the employee’s device to a secured network, with all traffic encapsulated between the two, making snooping near-impossible.
Implement cybersecurity training
All employees should receive suitable cybersecurity training to ensure that they understand their roles and responsibilities and are able to quickly identify potential threats. Employees are the front line of any business; they hold the keys to the internal infrastructure. Ensuring these employees are adequately trained is arguably one of the most important aspects of cybersecurity. Security awareness training can provide a significant advantage: employees learn how to detect a threat and how to respond appropriately once an incident is identified.
Regularly review cybersecurity
Organizations should regularly review their cybersecurity risk level and ensure that they have adequate measures in place to mitigate risk. Conduct an initial risk assessment to create a working baseline of the security standards, then review the assessment at regular intervals to track the threats and work through them in order of severity.
Mitigation activities will typically include regular software updates and patches and frequent auditing of employees’ endpoints and network connections to ensure that an adequate level of security is maintained.
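The review cycle described above can be automated once endpoint data is collected. The following is an added example, not part of the original article: it audits a constructed endpoint inventory against the controls named in this article, ranks findings by severity, and reports what is new since the baseline assessment. The field names, severity weights, and sample hosts are assumptions made for illustration.

```python
# Added example: audit endpoints against the controls named in this article.
# Field names and severity weights are illustrative assumptions.
BASELINE = {
    "disk_encrypted": 5,  # full-disk encryption (e.g. BitLocker or PGP)
    "mfa_enrolled": 5,    # multi-factor authentication
    "anti_malware": 4,
    "patched": 4,         # software updates and patches applied
    "vpn_enforced": 3,
    "remote_wipe": 3,
}
WIFI_ALLOWED = {"WPA2"}   # the article's stated minimum; extend per policy
WIFI_SEVERITY = 3

def _endpoint(host, wifi, **overrides):
    """Build a constructed inventory record; controls default to compliant."""
    record = {control: True for control in BASELINE}
    record.update(overrides, host=host, wifi=wifi)
    return record

# Constructed sample data: the initial baseline assessment and a later review.
INITIAL = [
    _endpoint("laptop-01", "WPA2"),
    _endpoint("laptop-02", "WEP", disk_encrypted=False),
    _endpoint("laptop-03", "WPA2", remote_wipe=None),  # status unknown
]
REVIEW = [
    _endpoint("laptop-01", "WPA2", patched=False),
    _endpoint("laptop-02", "WPA2", disk_encrypted=False),
    _endpoint("laptop-03", "WPA2"),
]

def audit(inventory):
    """Return (severity, host, control) findings, most severe first."""
    findings = []
    for ep in inventory:
        for control, severity in BASELINE.items():
            if ep.get(control) is not True:  # unknown or missing fails closed
                findings.append((severity, ep["host"], control))
        if ep.get("wifi") not in WIFI_ALLOWED:
            findings.append((WIFI_SEVERITY, ep["host"], "wifi_encryption"))
    return sorted(findings, key=lambda f: (-f[0], f[1], f[2]))

def new_since(baseline, review):
    """Findings in the review that were not present at the baseline."""
    known = set(audit(baseline))
    return [f for f in audit(review) if f not in known]

if __name__ == "__main__":
    for severity, host, control in audit(REVIEW):
        print(f"sev={severity} {host}: {control}")
    print("new since baseline:", new_since(INITIAL, REVIEW))
```

Treating an unknown control status as a failure keeps unmanaged or unreported devices visible in the review instead of silently passing them.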
Update business continuity plans
Organizations should consider carrying out cyberattack simulation exercises allowing them to develop effective crisis and business continuity plans. Cyberattack simulations allow businesses to use real-world scenarios to test out the strength of their defenses. Businesses should perform regular and robust backups and have effective data recovery mechanisms in place.
Deploy cloud-based services
With the offer of decreased deployment time, increased data security, managed regulatory compliance, and high availability, it is easy to see why an ever-increasing number of organizations are migrating their services to the cloud. Cloud-based services are architected from the ground up for maximum security and provide a significant advantage against targeted cyberattacks.
Consider adopting a Zero-Trust Security Policy
In a post-pandemic era, many organizations will look to adopt a zero-trust security policy to enhance their defense against attack. Boasting the mantra ‘never trust, always verify’, a zero-trust platform completely eliminates the element of trust from an organization’s infrastructure, enforcing a least privilege access model. This model assumes that anything or anyone may present a threat. Adopting a zero-trust security policy ensures that all access is verified on an individual basis, incorporating authorization, authentication, and encryption measures.
Outsource your cybersecurity
As the cybersecurity landscape evolves post-COVID, an increasing number of businesses will look to outsource their cybersecurity requirements. While there are many things that you, as an organization, can do to mitigate your cybersecurity risks, placing your infrastructure in the hands of a managed service provider will take the hassle out of maintaining security and compliance. Make sure that you choose a cloud hosting provider that is independently audited for data security and compliance. A managed service provider will ensure that your infrastructure is monitored around the clock and that a robust Intrusion Prevention System is put into place.
Monitor external threats
While preventative measures, such as endpoint protection, are important, businesses must also invest in the monitoring and detection of external threats. This can be achieved by carrying out regular vulnerability scans and investing heavily in the training of cybersecurity teams.
As the pandemic continues to affect our lives through 2021, and as we gather more valuable data and information, organizations of all sizes must ensure that they are adequately prepared to deal with the very real threat of cyberattacks. By spending the necessary time and resources to plan for such an attack, you can mitigate the risk to your business.
About the Author
Dr. Rachael Bailey, Healthcare IT Content Consultant at Atlantic.Net.
A graduate of the University of Chester and postgraduate of the University of Liverpool, with a Ph.D. in Gastroenterology and Cell Biology and a First-class degree in Biomedical Sciences. An experienced and passionate medical writer and an expert in writing scientific documents, regulatory-related documents, and articles discussing US Healthcare and Compliance.