Cyber gangsters failed attack on a research firm working on the Covid-19 vaccine, despite earlier claims by many ransomware groups including Maze (the offender) that they would avoid targeting healthcare.
Please see the comment below about how the healthcare sector can better protect itself against these type of attacks, including securing the cloud based data that remote working relies upon, covering up the unique IT vulnerabilities of the sector, the importance of IT infrastructure more widely and why attacks of this nature are likely to persist.
The attack on Hammersmith Medicines Research (HMR) isn’t the last time we’ll see cyber threats impact the healthcare sector during the Covid-19 pandemic, whether directly or indirectly. By their very nature, cybercriminals are dishonest and cannot be trusted to do the right thing during this crisis, particularly as it’s set to last a long time and they rely on ransomware payments for their income. The healthcare sector is especially vulnerable right now, as these organisations have a huge number of potential attack vectors, including IoT devices that are in many hospitals, patients connecting their personal devices to Wi-Fi networks, and changing priorities due to the virus. It’s imperative organisations don’t overlook the fact that IT represents a fundamental part of medical infrastructures, and needs to be cared for alongside the massive influx of patients requiring treatment. Business continuity is not just a problem that can be siloed off to the IT department, and it’s a question of when rather than if when it comes to cybercriminals exploiting the vulnerabilities that Covid-19 offers them.
Although the healthcare sector is at particular risk, all sectors in the UK economy need to be increasingly vigilant about preventing IT failures to mitigate the wider damage of Covid-19. UK healthcare doesn’t work in isolation, but instead relies on huge segments of the economy, including manufacturing, logistics, and external IT suppliers functioning at full capacity to be able to provide the critical care that is urgently needed. For example, if the IT systems of a trucking or shipping company are made inaccessible, the supply chain of vital medical equipment could be disrupted or delayed.
With this in mind, it’s important for all businesses, especially those providing front line services, to plan for the worst and ensure that their mobile workforce not only have their data protected, but more importantly are protected against ransomware, which unfortunately is inevitable during the course of this crisis. To minimize the impact of potential attacks, all businesses need to set up centralised security protocols for detection and response, carefully review all IT practices and operations in relation to Covid-19, and ensure that all data from employees, patients and devices is secured and backed up safely. With many in the UK now working remotely where possible, there is an increased reliance on cloud-based tools and shared drives, which are not backed up automatically. Given the current situation, we’d advise all organisations to explore third-party data protection providers to safeguard this data.