As Covid-19 spread across the country many businesses deemed non-essential were ordered by the government to close to mitigate the spread of the virus. Due to the closures – many Americans found themselves without a job and no steady source of income. In response, the United States Government announced that citizens would receive a $1,200 stimulus check to hold them over until business resumed. Mere days after the announcement the phone calls began as identity thieves posing as the IRS tried to steal account numbers of unsuspected victims.
Since then, threats have become more sophisticated - hackers have set their sites on the healthcare industry and essential services by infiltrating private networks and stealing sensitive data. In late March, 10X Genomics a biotechnology research firm studying Covid-19 was the victim of a ransomware attack. In the end the culprit obtained over 1TB of data from the company.
10X Genomics is not the only company that have fallen victim to cybercrime due to Covid-19. According to InfoSecurity Magazine, as of April - Cybercrime was up almost 37% thanks to the Covid-19 pandemic. WHO, Gates Foundation, and CDC were the target of data breaches with thousands of passwords stolen.
The healthcare world has been hit disproportionately to other industries during the pandemic. While there are different theories on why this is – one theory is that the industry is so laser focused on Covid-19 that they are easy targets for cyber attacks. This spells disaster for already fragile hospitals, labs and healthcare services. "Healthcare organizations are thought to have been the target of aggressive cyber-attack due to COVID-19 related treatment of patients, lab testing services, vaccine testing services, and/or biosafety labs,” Lee Kim, HIMSS Director of Privacy and Security explained in HIMSS’s Healthcare and Cross-sector Cybersecurity Report. She also mentioned in the report that "hospitals, government agencies, and others are experiencing distributed denial of service attacks (some successful, and attempts in other cases). In the case of successful attacks, some organizations have had to completely shut down their network according to reports.”
While not exclusive to the healthcare industry – hackers are taking advantage of remote workers to try to infiltrate a company’s database. While many of the data breaches are characterized as phishing attacks – others are more sinister. Like 10X Genomics - Europe’s largest private hospital group Fresenius confirmed on May 6th that they were the victim of a ransomware attack. The attack targeted their pharmaceutical business and limited production. Steffen Rinas, spokesperson for Fresenius Group assured, “…our patient care continues. Our IT experts are continuing to work on solving the problem and ensuring that operations run as smoothly as possible.”
In the wake of Covid-19- it is critical that the healthcare industry do everything they can to protect themselves against a data breach. With limited resources, manpower, and funds – a potential cyber-attack is something that many healthcare organizations simply cannot afford.Last modified on Monday, 11 May 2020