Cybersecurity During the COVID-19 Pandemic
Keeping You Informed to Stay Protected
August 19, 2020
By Chase Maser
On July 21st, 2020, U.S. officials accused two Chinese hackers and the Chinese government of attempting to steal data from biotech firms developing COVID-19 vaccines and treatments.
Although the alleged hackers, Li Xiaoyu and Dong Jiazhi, targeted a wide range of intellectual property, the official indictment states both suspects exploited "vulnerabilities in the networks of biotech and other firms" known to be working on COVID-19 research. It's unknown if the hackers gained any knowledge of COVID-19 vaccines and treatments successfully; however, the attempt opened a doorway for future potential breaches to infiltrate the healthcare infrastructure.
With nearly four decades of IT domain expertise, Quest International has a broad range of information technology capabilities from specialized devices to connected IT infrastructure across various market segments. Quest has observed an increased risk of cybersecurity threats during COVID-19, exposing organizations to potential data breaches. Quest assists companies in mitigating risks and monitoring networked infrastructure to provide robust security protocols and best practices—reducing potential exposure. Now is the time to address vulnerabilities your organization may have, and we have outlined a few case examples outlining where they may exist within the Healthcare ecosystem.
Security Vulnerabilities of Remote Work
The COVID-19 pandemic has overwhelmed security measures across every major business. From non-essential employees working from home to hospitals overloaded with patients—the susceptibility of a security breach is more prevalent than ever.
Some of the most significant concerns involve the inherent security vulnerabilities of remote workers. According to the International Association of Asset Managers (IATAM), the COVID-19 pandemic has caused an increase in data breaches that fall under four categories:
Unsecured Assets: Removing admin permissions on private assets, employees using "unpatched" computers for daily work, employees using personal computers without virtual private networks (VPNs) protecting them.
New Hardware Additions: With the increase of employees working remotely, companies are investing more money into new hardware additions for employees. However, IT teams cannot work fast enough to secure these assets and train employees properly to avoid security breaches at home.
Home Network Vulnerabilities: Internet access at home is much less secure than on location in controlled office settings. Faulty networks with the inclusion of personal devices create a hotbed of malicious threats.
User Error: In addition to the previous vulnerabilities, user error becomes more prevalent with phishing attacks claiming to be scams. Surveys or information about COVID-19, and other false campaigns disguised to obtain access to secure infrastructures.
One of the best examples of remote work security vulnerabilities comes from a group of hackers who tricked remote employees of the World Health Organization (WHO) by creating a fake web portal for them to log into with sensitive information.
Fortunately, Alexander Urbelis, a security lawyer of New York's Blackstone Law Group, recognized the scam. He stated that the web portal was "very, very convincing,” This demonstrates the sophistication of organized cybercriminals and what they can potentially accomplish.
In fact, the FBI even released a Public Service Announcement (PSA) on March 20th, 2020, notifying the country on the recent and expected uptick of fraudulent scams related to the COVID-19 pandemic. Online activities included:
Fake Centers for Disease Control and Prevention (CDC) emails that use embedded links to steal information
Phishing emails inquiring about stimulus funds and general relief bills
False COVID-19 treatments or Personal Protective Equipment (PPE) equipment listed for sale designed to steal consumer information
On-site Data Breaches and vulnerabilities Healthcare Providers Have Faced
With the rise in coronavirus cases and influx of patients, hospitals are overloaded and this new medical data is highly sought after.
So how are hospitals dealing with this threat of stolen data? Over the last 5 years, we've seen many hospitals exposed to ransomware, and cases are increasing rapidly in 2020.
On July 1st, the Florida Orthopaedic Institute (FOI) experienced a ransomware attack that affected 640,000 patients—stealing sensitive information that included home addresses, social security numbers, insurance plan information, diagnoses outcomes, payment amounts, and birth dates. Thankfully, the attack was recognized by encryption protocols within FOI's server. Unfortunately, late detection did not prevent patient data from being leaked. As a result, FOI is facing a lawsuit of $99 million under the claim that FOI failed to respond quickly enough to the attack.
Medical devices are increasingly found to be vulnerable to hacking. For example, an independent security researcher discovered not just one or two but eight security vulnerabilities in an infusion pump manufactured by a top device manufacturer. These devices are used across the globe for delivering small doses of medication in acute critical care, such as neonatal and pediatric intensive care and the operating room.
Some of these vulnerabilities discovered can easily be exploited by a remote attacker to potentially gain unauthorized access and modify the intended operation of the pump.
The list of data breaches in 2020 continues to grow. With COVID-19 raging on throughout the world, it seems as though the rate of data breaches—and severity—will only worsen before we see any improvements.
Discover How to Solve Data Breaches with Quest International
Once you're aware of the problem, monitoring the environment and developing a solution becomes much more manageable.
To keep organizations safe, mitigate risks, and prevent potential data breaches, Quest International offers a 3-phase program to develop a customized solution. The initial phase, "Awareness" is to understand the current security situation within the organization. After the initial phase and a foundation of insight, Quest aids in the "Discovery". During this phase, Quest will uncover what the organization currently has in place to fight security issues—leading to what "Actions" need to be implemented given the state uncovered in the discovery phase.
To learn more about our services and to sign up for a one-on-one discovery call with our team, please click the button below to contact us.
Click Here to Contact Us