A warning issued by Microsoft cautions healthcare organizations about an increased risk of cyberattacks during the COVID-19 emergency. The technology company says that, with a current focus on emergency response efforts, hospitals and health systems are “particularly exposed” to ransomware and other forms of cyberattacks.
Microsoft notes that new vulnerabilities stem from “virtual private networks (VPN) that hospitals are using as some of their staff work remotely” and, consequently, ransomware “could exist on a victim’s network for months undetected.” Furthermore, these attacks may not necessarily be more advanced in nature but are “tailored to prey on people’s fears and urgent need for information.” According to Becker’s Health IT, “Hackers are tricking physicians and consumers into clicking on malicious links to COVID-19 information. In return, hackers download malware or ransomware on computers.”
An alert issued by U.S. Cybersecurity and Infrastructure Security Agency shares several steps organizations can take to mitigate their security risks including:
- mandates that require workers use company-owned computers and frequently patching their VPNs with the latest security fixes;
- employee alerts regarding increased phishing attempts;
- bolstered remote IT security efforts including log review, attack detection, and incident response and recovery;
- implementation of multi-factor authentication on all VPN connections; and
- implementation of VPN limitations and modifications such as rate limiting that prioritizes users.
Additionally, cyber threat intelligence company Check Point Research advises healthcare organizations to be diligent in monitoring “suspicious domain names and emails from unknown senders.”
MLMIC will continue to keep policyholders informed of COVID-19-related developments and encourages all providers to visit the dedicated resource page on our website.