As the Coronavirus (COVID-19) pandemic continues across the world, malicious attackers are seeking to take advantage of the crisis situation by launching new coronavirus-related attacks. As Costin Raiu, Director of Kaspersky’s Global Research and Analysis Team (GReAT), notes, healthcare organisations are particularly vulnerable.
“Cybercriminals have long used crisis situations to further their own agendas, and the COVID-19 pandemic is no exception; in the past, we’ve seen similar situations with Hurricane Katrina and the earthquakes in Japan. Unfortunately, healthcare organisations and hospitals — which are at the centre of the fight against the COVID-19 pandemic — can find themselves in the crosshairs,” says Raiu.
“When it comes to the targeting of healthcare organisations, cybercriminals are usually looking to gather sensitive or scientifically significant information and either hold it for ransom or sell it on the black market. In particular, holding data for ransom is an unfortunate outcome we've seen with many hospitals in the past. State actors have also launched attacks against health institutions for purposes of intelligence gathering. Regardless of the reason, it’s important that these healthcare organisations practice increased vigilance because any type of attack could interfere with them being able to provide critical care for their patients."
There are a number of specific steps these institutions can take to mitigate their risk, including:
It is essential to install all security updates as soon as they appear. Most cyberattacks exploit vulnerabilities that have already been reported and addressed, so installing the latest security updates lowers the chances of an attack.
Protect remote access to corporate networks by VPN and use secure passwords for domain accounts.
Always update your operating system (OS) to eliminate recent vulnerabilities and use a robust security solution with updated databases.
Always have fresh back-up copies of your files so you can replace them in case they are lost (e.g. due to malware or a broken device) and store them not only on a physical medium but also in the cloud for greater reliability.
Remember that ransomware is a criminal offence. You shouldn’t pay a ransom. If you become a victim, report it to your local law enforcement agency. Try to find a decryptor on the Internet first – some of them are available for free here: https://noransom.kaspersky.com
Educating employees about cybersecurity hygiene is necessary to prevent attacks from happening in the first place. Kaspersky Interactive Protection Simulation Games offer a special scenario that focuses on threats relevant to local public administration.
Use a security solution for organisations in order to protect business data from ransomware. Kaspersky Endpoint Security for Business has behaviour detection, anomaly control and exploit prevention capabilities that detect known and unknown threats and prevent malicious activity. A preferred third-party security solution can also be enhanced with the free Kaspersky Anti-Ransomware Tool.
“Moreover, many security companies these days are volunteering to help healthcare organisations fight these cyber threats. We at Kaspersky offer free access to our B2B products to healthcare institutions and call representatives of this industry to tell them how they can receive this protection,” concludes Raiu.