In June, medical school servers at the University of California, San Francisco were hit with malware. The school was working on COVID-19 research, according to the BBC. Although the institution said the breach didn’t affect patient care, UCSF ultimately paid a $1.14 million ransom.
Six of Intermountain’s closest partners have suffered phishing attacks in recent months, West noted. One of them endured six separate attacks and ended up paying a ransom to cybercriminals.
The events can have deeper effects beyond a temporary scramble or a costly payout.
“In most of these instances, when partners have been impacted, we’ve gone to our playbook and severed connections,” said West. “It has meant serious disruption to business processes.”
Phishing Scams Are Targeting COVID-19 Concerns
Cybercrime related to the pandemic is cruelly precise.
Attackers not only are targeting geographical areas of the United States where COVID-19 caseloads are rising, they’re also aiming phishing attacks at healthcare workers most likely to be under additional stress, said Ryan Witt, managing director of the healthcare industry practice at Proofpoint.
“As we get into COVID more, we see attacks that tug at your emotions tend to be the most impactful and favored by cybercriminals,” said Witt, who spoke at a different HIMSS webinar on the subject.
Proofpoint researchers discovered a shift in COVID-related phishing targets. The hackers’ focus has moved from administrators to clinicians and, more recently, hospice workers — a group that often has weaker infrastructure and less cybersecurity training.
READ MORE: Learn how hospitals can take action to reduce their vulnerability to phishing attacks.
At first glance, the phishing lures observed by Proofpoint might seem credible: imposter emails from the World Health Organization, fake purchase orders for personal protective equipment, and bogus notices about receiving a “vaccine ID” from the Centers for Disease Control and Prevention.
“In the healthcare sector, if we had weaknesses coming into this, they’re definitely showing now,” said Lee Kim, director of privacy and security at HIMSS, who emphasized the need for a comprehensive education program for all staffers.
“Also, simply put, if there was no plan in place or really an ad hoc plan in terms of business continuity for unusual times such as this, I strongly believe healthcare organizations must take a second look to make those plans more robust.”
How to Establish a Safe Perimeter for Remote Work in Healthcare
A massive shift to remote work quickly flipped the script for many industries. When the crisis began, 70 percent of Intermountain caregivers had the ability to work remotely. But the migration required many new provisions to keep bad actors from infiltrating a vastly different perimeter.
“It was truly a cyber pandemic as we tried to get everyone in the right containers and buckets, using the right connections, making sure we had people set up with VPNs,” West said. “And in the middle of that, we had people taking office-provisioned machines into homes.”