Increased hacking amid COVID-19 pandemic: A cybersecurity guide for healthcare

As healthcare providers work relentlessly to treat COVID-19 patients and those with other medical conditions, healthcare systems are coming under attack by a different kind of infection — computer-borne viruses and malware.

Computer viruses and malicious emails with embedded ransomware and malware are designed to disrupt healthcare operations and deny access to vital EHR systems and ancillary systems. Hackers see times of chaos as an opportunity. Since the outbreak of COVID-19 began, cybersecurity experts have been reporting a rise in cybercrime, especially phishing and ransomware attacks. To protect your healthcare organization, the situation demands heightened cybersecurity awareness and vigilance — more now than ever.

Cybersecurity awareness and cyber hygiene are imperative to keep our healthcare systems safe and secure. No matter whether you’re a small healthcare provider or a large health system, no one is immune from the cyberthreats that exist in our interconnected virtual and global economy. Like travelers carry viruses across international borders, computer viruses can be transmitted through expansive networks connecting our healthcare systems with the outside world.

How to protect your healthcare organization from a cyber pandemic

Viruses in nature are often seen as an invisible enemy or threat. They can morph into various strains that require different treatment plans and vaccines. Computer viruses share similar characteristics — each one has its own signature. Over time, they’re adapted and modified to act differently, but they still have the same potency to cause significant harm and disruption.

Through adaptation, computer viruses or malware will evolve as different strains. The most commonly-known and lethal computer virus is ransomware. When computers are attacked by ransomware or malware, the attack behaves like a virus that spreads very quickly throughout the entire organization, if it’s not contained and inoculated effectively. This could result in a cyber-pandemic capacity that shuts down an organization’s entire computer network and systems.

So, what safety measures should you take to protect yourself from this invisible threat? Let’s take a quick walkthrough of some cybersecurity best practices and safeguards to strengthen your defense against the threats that your organization may be facing. (Remember: It’s never too late to start.) Here are a few things to consider:

Strengthen remote access security

As employers respond to CDC advisories requiring work-from-home policies, nonessential staff will need the technology and internet services that allow them to perform their jobs remotely to help sustain the organization and support delivery of patient services. Consider:

• Restricting access to your private networks to just those remote staff members that need to have it, especially if access bandwidth or licensing is a constraint.
• Implementing two-factor authentication to prevent password compromises from social engineering attacks.
• Requiring anti-virus and anti-malware protection installation on all mobile workstations, including personal home computers or bring-your-own-device (BYOD) equipment.

Elevate cybersecurity awareness

As you update your staff on COVID-19 developments and internal health system changes, it’s imperative to include information on cybersecurity awareness and current cyberthreats. The Office for Civil Rights issued an alert for healthcare providers urging them to review recent COVID-19 cyber-scam guidance from the Department of Homeland Security, as hackers continue to target users with COVID-19 phishing campaigns. Healthcare providers are being warned to stay vigilant for these types of scams like attempts to access sensitive information via emails with malicious attachments or links to fraudulent websites. Encourage:

• Vigilance when checking emails, especially from external sources. Be cautious when handling emails with subject lines, attachments, or hyperlinks referencing the coronavirus or COVID-19.
• Caution. Staff should only visit reputable health organization websites and should access these websites directly instead of clicking on embedded links in emails. Consider whitelisting approved websites as a risk mitigation strategy.
• Practicing cyber hygiene when visiting social media sites. Discourage clicking on “COVID-19 news and dashboards” on third-party websites, as they could be malicious websites with real web-links to steal your credentials or launch an embedded malware attack.

Strengthen system access monitoring

To ensure HIPAA compliance and avert unauthorized PHI disclosures, access logs must be maintained for your EHR systems and patient records. System access should be monitored regularly to detect anomalies in user behaviors and signs of potential data theft like excessive data access and retrieval of patient records. Consider:

• Streamlining the auditing and logging of access activities by using a centralized audit logging system or a third-party security monitoring service.
• Installing or refining firewall rules to block access from unknown in-bound IP addresses and disallow unregistered or unapproved IP addresses from exporting large volumes of data.
• Conducting a security assessment to confirm that access to files with PHI is being logged. Activate audit logging for those files and systems that don’t have it in place.

Refine incident response program

There’s never been a greater time to confirm that your cyber incident response programs can detect, report, respond, and recover quickly from a cyber incident or attack. Measures should be in place to minimize chaos and distractions to those caring for the sick and to reassure the public that healthcare professionals are supported by the technologies they need. Be sure to:

• Review and update your incident response program to include new scenarios.
• Make the necessary system changes to enhance the incident reporting and escalation processes and procedures.
• Conduct tabletop incident simulation exercises to test the incident response program design and effectiveness.

Stay on top of system maintenance

To keep your systems in tip-top shape, make sure they’re reviewed frequently:

• Perform regular system maintenance.
• Apply system updates and configuration changes that help with resource optimization and security protection.
• Apply security patches regularly to protect against viruses, malware, system vulnerabilities, and other threats.

Monitor the effectiveness of your cybersecurity initiatives

To ensure your cybersecurity initiatives are achieving the goals and objectives laid out by management, conduct random or periodic inspections and tests. You’ll need to confirm that the safeguards and security measures are properly designed and working effectively. Where gaps and issues are noted, appropriate risk treatment plans and corrective actions should be mobilized. Consider the following tips:

• For best results, engage independent external consultants with cybersecurity expertise to perform these assessments.
• If cost is a constraint, consider having internal auditors and/or IT security experts conduct these assessments.
• Implement cybersecurity management dashboards and reports to monitor and inform management of risks and threats by using key performance metrics and indicators.

How we can help

Our cybersecurity experts are trained to help healthcare systems prepare and protect themselves from a wide array of cyberthreats and risks. We can help enhance your organization’s cybersecurity risk posture, IT operational resilience, and emergency preparedness to strengthen the security and safeguards in your IT infrastructure and security programs.

For more information, please give us a call.