Hospitals and Research Labs Defend Against Virus-Themed Malware

(Bloomberg Businessweek) -- With their mountains of personal data, outdated software, internet-connected equipment, and thousands of employees, hospitals have long drawn the unwanted attention of hackers. Now, as they focus all their resources on battling the pandemic, hospitals are even more tempting targets. We spoke to security experts about the ways the crisis is making hospitals more vulnerable to attack.

● Unchecked Vendors

Hospitals everywhere are racing to stock up on supplies of gowns, face masks, and ventilators. All that new equipment means finding new vendors, some of which are entering hospital supply chains without the usual security checks, Maor says. A vendor whose system has been compromised can unwittingly give hackers a backdoor to infiltrate hospital files.

● Willingness to Pay

Companies hit with ransomware attacks often pay up rather than resist and risk being offline or losing crucial files. Hospitals may be especially appealing to hackers now. “They know that now more than ever these organizations cannot afford downtime, so they’d theoretically be more open to paying quickly vs. a normal scenario,” says Dave Weinstein, chief security officer at cybersecurity firm Claroty.

● Thanks, But No Thanks

Etay Maor, chief security officer at threat intelligence firm IntSights, says he’s getting reports of attacks that he hasn’t seen in years. In one instance, criminals sent hospital staff letters thanking them for their service, each one with a fake Best Buy gift card enclosed and a USB stick said to hold instructions on how to redeem the card. It actually contained malware. “Attackers don’t attack the technology, they attack the people,” he says.

● Skipped Security Checks

Britain’s National Heath Service has suspended cybersecurity audits put in place after 2017’s WannaCry attacks until September to let hospitals focus on the pandemic. “That shouldn’t happen,” says Matt Lock, technical director at data security company Varonis. “If you aren’t aware, you can’t mitigate the risk.” The NHS says it’s urging members to stay on top of security updates and warns that the threat risk remains high.

● New Ways In

Medical facilities are also telling staff to work from home. Having more people logging in remotely, using file sharing and videoconferencing, creates additional vulnerabilities hackers can exploit. If an internal messaging system or VPN is slow to use, workers may turn to less secure consumer platforms. “That puts enormous stress on the security teams that have to manage this risk,” Weinstein says.

©2020 Bloomberg L.P.

BQ Install

Bloomberg Quint

Add BloombergQuint App to Home screen.