Vaccines And Ransomware: How "Vaccine Nationalism" Is Highlighting Cybersecurity Concerns

A growing cybersecurity concern in 2021 is the threat of nation states and cybercriminals attacking the healthcare system.

COVID-19 made the health sector a prime target in 2020, but the risk will likely continue and evolve as the vaccination rolls out. According to IBM, state-hackers likely targeted the "cold chain" used to keep vaccinations cold during transport.

The vaccination global supply chain is complex. Although large pharmaceutical companies have been thinking about preventing cyber-espionage for the past decade, many of the smaller organizations involved in the supply chain have not need strong cybersecurity protections in the past.

Intelligence and security officials have suggested that "vaccine nationalism" could lead countries to try to undermine each other's research efforts or steal intellectual property for financial gains. The U.K. has accused Russian intelligence of targeting their vaccine research, while the U.S. leveled similar allegations against Chinese hackers.

Nation-state hackers may combine cyber espionage with human espionage tactics—for example, deliberately disseminating misinformation about vaccinations online or questioning a country's testing or safety record.

However, the most serious threat, according to cybersecurity experts, comes from ransomware spread by cybercriminals. Security firm Positive Technologies recently released findings showing that ransomware made up half of all cyberattacks on the healthcare sector from July 2020 to September 2020. On one day in October, six hospitals in the U.S. received ransom demands of one million dollars or more, which forced the cancellation of some cancer treatments.

One doctor warns that cybercriminals understand "clinical urgency," meaning they know they are more likely to get a ransom payment if they disrupt patient care. As patient care has moved online, there is concern cybersecurity has not kept pace and the fact that more devices are connected could lead to a "cascade effect." The doctor adds that the biggest risk is not cybercriminals locking healthcare organizations out of their data, but rather tampering with the data. Gordon Corera "Health to be on cyber-security's front line in 2021" bbc.com (Dec. 28, 2020).

 

Commentary

Healthcare organizations are not the only ones that face an increased risk from ransomware this year. Across the board, ransomware is becoming more common and sophisticated, and all organizations must be prepared.

According to the Mid-Year Threat Landscape Report 2020 published by Bitdefender, there was a 715 percent year-on-year increase in detected ransomware attacks from 2019 to 2020.

In addition, cybercriminals have made ransomware more sophisticated as they seek ransoms in the hundreds of thousands of dollars—or even millions.

Because new forms of ransomware are always emerging, cybersecurity protections must likewise develop to prevent an attack.

Update security patches as soon as they are available. Implement newer cyber protections, such as multi-factor authentication, everywhere possible. Keep essential data stored on a drive not connected to the internet and back it up regularly.

If you have not updated your ransomware protections lately and do not have a team in-house addressing cyber threats, now is a good time to work with cybersecurity experts to conduct a risk assessment and help you determine what tools will best keep you protected.

Finally, your opinion is important to us. Please complete the opinion survey:

What's New

So Where Is All The Malware Hidden On Your System?

Cybercriminals are using new technology and techniques to evade detection. Learn more about how malware is hidden from antivirus software.

Are You Practicing Webcam Security?

Hackers can access a webcam and it could simply be on without your knowing. Read tips for staying safe around devices with cameras.

Why Your Organization Needs A Security Breach Notification Plan

All states have laws requiring organizations to notify individuals whose personal data is hacked. Learn more about why.