How to Defend Against Cyber Scams During COVID-19

Hackers are taking advantage of the coronavirus uncertainty to spread malware and execute ransomware attacks. They wasted no time hitting the U.S. Health and Human Services Department earlier this week. While these attacks are directed at consumers, the government and businesses alike, healthcare providers need to be extra vigilant, given the sensitive data and information our systems house.

Ransomware attacks are highly impactful and require little sophistication to execute. Because of the devastating effect a cyber scam can have on a healthcare provider – jeopardizing the security of provider and patient data and operating systems – these scams continue to be one of the most effective ways for cyber criminals to make quick money.

These actions mirror the uptick we’re seeing in gray market activity and offers to hawk counterfeit supplies around COVID-19. As with the gray market, providers can protect themselves through vigilance and communication about how to avoid these schemes.

Here are three ways providers can defend against cyber scams and ransomware.

1. Education and awareness

Education and awareness of ransomware attacks that leverage COVID-19 is the top priority. Both the Federal Trade Commission and the Cybersecurity and Infrastructure Security Agency have issued alerts detailing how cyber criminals are using tactics, primarily phishing, related to COVID-19 to spread ransomware.

Providers should educate employees to exercise caution with any communications they receive, particularly emails regarding COVID-19, so they are extra vigilant about coronavirus-related schemes. The more people who are aware of these schemes and risks, the more secure the organization will be.

Top pieces of information to communicate include:

  • These schemes typically start as a phishing email claiming to be from the World Health Organization, the Centers for Disease Control and Prevention, or other government agencies requesting the recipient to open or download a document related to COVID-19 that turns out to contain a virus. See real examples of these phishing emails here.
  • Recipients should be cautious of all COVID-19 emails that appear to come from government agencies. Criminals will often attempt to elicit emotional reactions in the phishing email by trying to create a false sense of urgency and fear. Check for spelling errors and other suspicious language in COVID-19 emails, and be extra vigilant with emails that request the recipient to download attachments, open documents, register for webinars or click on unfamiliar links.
  • Mobile applications related to COVID-19 have also been found to have malware and viruses. Staff should be careful when downloading mobile apps related to COVID-19 (example: maps of COVID-19 outbreaks) and only download apps from official, trusted stores.
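
The warning signs in the list above can also be checked automatically at the mail gateway. The following Python is an added example, not part of the original article; the agency domains (who.int, cdc.gov), the keyword lists and the finding names are assumptions, and both sample messages are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: official mail domains of the agencies the article names.
AGENCIES = [(re.compile(r"(?i:world health organization)|\bWHO\b"), "who.int"),
            (re.compile(r"(?i:centers for disease control)|\bCDC\b"), "cdc.gov")]
TOPIC = re.compile(r"covid|coronavirus", re.I)
URGENCY = re.compile(r"urgent|immediately|act now|final notice", re.I)

def triage(raw):
    """Return the warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    attachment, texts = False, [msg.get("Subject", "")]
    for part in msg.walk():
        if part.get_filename():          # any part carrying a file name
            attachment = True
        elif part.get_content_type() == "text/plain":
            texts.append(part.get_payload())
    text = "\n".join(texts)
    findings = []
    for pattern, official in AGENCIES:
        # Display name claims an agency, but the address is not on its domain.
        trusted = domain == official or domain.endswith("." + official)
        if pattern.search(display) and not trusted:
            findings.append("impersonated-sender")
    checks = (("covid-topic", TOPIC.search(text)),
              ("urgency-language", URGENCY.search(text)),
              ("attachment", attachment))
    return findings + [name for name, hit in checks if hit]

# Constructed sample messages (not real mail); .example domains are reserved.
LURE = """\
From: "World Health Organization" <alerts@who-int.example>
Subject: URGENT: COVID-19 safety measures
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Open the attached document immediately.
--b1
Content-Disposition: attachment; filename="measures.zip"

(constructed placeholder, no file content)
--b1--
"""
LEGIT = 'From: "CDC" <updates@cdc.gov>\nSubject: Weekly COVID-19 data summary\n\nSee the agency website.\n'
print(triage(LURE), triage(LEGIT))
```

A display-name check like this does not replace SPF, DKIM and DMARC enforcement, which is what validates that a message using an agency's real domain actually came from it.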

2. Planning for cyber security risks within COVID-19 business continuity and disaster recovery plans

While it’s easy for IT to be overshadowed by patient surges and supply sourcing, as hospitals stand up incident command structures, it’s smart to account for cyber security risks as well. This may include having IT personnel join the incident command team or provide daily updates to leaders about the integrity of their technology systems and any purported issues.

For further protection, some providers are also looking at non-traditional ways to share the risk of ransomware through expanded cyber security insurance.

3. Strong security hygiene

Like handwashing and flossing, it’s a good idea to build strong security practices into everyday efforts so that systems are fortified before, after and during a crisis. This includes a good backup strategy, such as ensuring critical systems and data are backed up to a secure location that is disconnected from the enterprise network; email security; multi-factor authentication; and malware protection. IT professionals should regularly train for potential cyber risks and develop crisis plans so they have clear action plans, such as pre-drafted messages to send leaders and the workforce, if cyber security is compromised.

As providers concentrate on efforts to care for an influx of patients and manage operations, cybercriminals continue to lurk on the boundaries of their businesses. Exercising caution with any communications regarding COVID-19 is an essential element to enhance providers’ ability to maintain operations and patient care during this time.

Learn More

During COVID-19, Premier continues to act as a trusted connection point for healthcare providers, suppliers and the government. We are working 24/7 to address challenges as they occur and help our alliance of more than 4,000 hospitals and health systems and 175,000 non-acute providers access the supplies they need to serve their communities. We are also partnering with the Administration and private sector to create both short-term and long-term solutions, and sharing our insights to help inform the public understanding.

Access our COVID-19 resources and tools.

Article Information

Date Published: 3/20/20

Ben Schwering
Chief Information Security Officer, Premier Inc.

Ben has accountability for security strategy, engineering and operations. He has more than 15 years' experience in various IT disciplines including security, data analytics and infrastructure across the financial services, insurance, and healthcare industries.