The healthcare system has been pushed to its breaking point by COVID-19 and patient data is absolutely critical to slowing down the spread of the virus, the creation of a novel vaccine, and coordinating resources and care. Hospitals have found themselves having to defend their data against new cybersecurity attacks and phishing attempts on a daily basis. These attackers will be posing as employees who are working remotely or as CDC officials in some cases and use that ruse to steal information from their targets. Even the Department of Health and Human Services has suffered an attack intended to disrupt their organization.
41%of all data breaches have targeted the healthcare industry and healthcare facilities have become an even larger target now, due to their crippled and spread resources which are being focused on the new influx of patients. With rising numbers of digital data and the sharing of data between organizations, new weak points in security are being created every day. It does not help the situation that these systems are not unified between organizations, all of which have different protocols, measures, and “norms” which can be exploited.
Even with all of the issues being caused, some of the more famous hacker and ransomware groups have publicly stated that they will stop attacking healthcare organizations for the duration of the pandemic. It should be stated, however, that the increase in the number of cyberattacks is not something which is unique to coronavirus. This correlation occurs during any major event. In the past, it has been seen during the Olympics, elections, and any other large-scale events.
The healthcare industry has been forced to reexamine the way it handles its systems as a result of the increased frequency of attacks. During a time of crisis, when patient influx is at an all time high and facilities are stretched to their limits, employees are already having trouble keeping up. They are being forced to take on roles they are not used to while still dealing with increased stress and a lack of supplies. Any and all disruptions become not only a larger issue than they originally were and they could only become worse over time, not better.
Cybersecurity starts with risk management, whether that means changing protocols or increasing training. Beyond that, there are insurance considerations which professionals can (and should) assist with. For more information about cybersecurity or to find out how you can protect your organization, click here to contact us.
