Hackers Attacking Humanity
As if the healthcare industry is not stressed enough trying to get ahead of the Coronavirus pandemic, they are now under attack on another front, cyber crime. According to an article in The Hill, major health agencies such as the Department of Health and Human Services (HHS) and the World Health Organization (WHO) have been under persistent cyber attack since the beginning of the Coronavirus pandemic. Beyond attacking health organizations during a global pandemic, Work From Home (WFH) individuals are also under attack by cyber criminals using this global emergency to steal money and personal information. Unfamiliar circumstances and stressful conditions are two key vulnerabilities that are often exploited by criminals.
The health care industry is a prime target because it is currently operating under severe stress. Often, when an industry is operating at other than normal conditions, some of the standard operating procedures are bypassed or ignored to help achieve an overriding objective. This is also true in many other industries as well, that are finding business as usual is anything but that. Many office workers are now home-office workers. This change may offer some benefits such as a short commute and more flexible hours but there are also many challenges for the individual and the company to overcome.
Phishing Attacks on the Rise
Phishing is the practice of sending fictitious emails to individuals posing as official business. These emails may ask for personal information such as social security numbers, bank account numbers and network log-in credentials. Many of the emails provide a link that is very tempting for the user to open. The link, of course, is not what it is represented to be. Instead, it will open and download malicious software on the user’s computer.
Research from Barracuda Networks found that phishing attacks have increased by 667% in March. The Coronavirus pandemic has the world practicing social distancing and many companies have instituted work-from-home (WFH) policies. This rapid, almost immediate surge of workers staying home from the office, in an unfamiliar work environment, provides a ripe target for cyber criminals.
Network Managers Beware
It is more important than ever for business network managers to take additional precautions protecting the network and confidential information stored in company servers. It is also important for network managers to be sure all non-IT personnel are well trained and up to date on best practices for computer, smart phone and network access. These practices include the golden rule of cyber security…if you did not ask for it, do not click it.
Beyond employee training, it is also very important that network managers have permanent, accurate monitoring and security tools in place and operational at all times. Having clear and consistent visibility of traffic traversing the network is critical to maintaining operations and blocking potentially devastating attacks. This is a good time to check that your monitoring and security tools cover all links and to review alarm response procedures. This also is a good time for a review of reporting accuracy.