As Costin Raiu, director of Kaspersky’s Global Research and Analysis Team (GReAT), notes, healthcare organisations are particularly vulnerable.
“Cybercriminals have long used crisis situations to further their own agendas, and the Covid-19 pandemic is no exception; in the past, we’ve seen similar situations with Hurricane Katrina and the earthquakes in Japan. Unfortunately, healthcare organisations and hospitals - which are at the centre of the fight against the Covid-19 pandemic - can find themselves in the crosshairs,” says Raiu.
“When it comes to the targeting of healthcare organisations, cybercriminals are usually looking to gather sensitive or scientifically significant information and either hold it for ransom or sell it on the black market. In particular, holding data for ransom is an unfortunate outcome we've seen with many hospitals in the past. State actors have also launched attacks against health institutions for purposes of intelligence gathering. Regardless of the reason, it’s important that these healthcare organisations practice increased vigilance because any type of attack could interfere with them being able to provide critical care for their patients."
Mitigate the risks
There are a number of specific steps these institutions can take to mitigate their risk, including:
“Moreover, many security companies these days are volunteering to help healthcare organisations fight these cyber threats. We at Kaspersky offer free access to our B2B products to healthcare institutions and call representatives of this industry to tell them how they can receive this protection,” concludes Raiu.