COVID-19 AND CYBERSECURITY Measures to Staying Safe Digitally
Hospitals are not necessarily more susceptible to ransomware attacks however, an attack on hospitals and health management software systems can be detrimental with severe consequences.
The world did not expect that the Coronavirus (COVID-19) which struck in 2019, will become a pandemic in 2020. COVID-19 continually disrupts the health, economic, political, and social systems since its existence. The terms and conditions it comes with are expensive and highly demanding, we have a huge responsibility in safeguarding our lives as individuals bearing in mind that our actions and inactions affect the next set of humans we relate with daily. As the fears of COVID-19 contagious spread grips the world at a fast pace, there is the underlying threat rising rapidly in the digital space. Attackers’ target person’s increased dependence on digital tools. The stress of this global pandemic has left many people vulnerable to social engineering, in terms of how individuals seek and spread information online. The tendency for individuals to fall prey to traps set by cybercriminals is at all time most high this period with the increase in attack vectors.
Although, a larger percentage of the Nigerian healthcare system is yet to be digitalized, the need for hospitals to strengthen their defenses by protecting their computer systems, patient’s data, and operations. Hospitals are not necessarily more susceptible to ransomware attacks however, an attack on hospitals and health management software systems can be detrimental with severe consequences.
On March 13, 2020, the Brno University Hospital based in Brno, Czech Republic was reported to have been hit by a ransomware attack. The hospital was assigned the duty of investigating Coronavirus related blood samples coming from all Central Europe. Due to the cyberattack, the testing laboratory’s digital services came to a grinding halt, with its infrastructure left encrypted by the ransomware. Some vital clinical systems were working, but the hospital had lost the control to transfer information from its systems to the database system. The incident highlights the opportunistic nature of cybercriminals and their utter willingness to target health services on the front line in the fight against the coronavirus.
CYBERSECURITY RISKS AND CONTROLS
Individuals working from home
In the corporate world, the rapid shift to remote working for employees opens threats related to expanded network access. It exposes people to security weaknesses and vulnerabilities present within their network, which attackers can exploit. It is imperative that people take caution as they conduct their corporate duties from their home space
Here are a few things to consider.
Apart from personal health and hygiene practices, upgrade your cyber hygiene measures. An excellent cyber hygiene measure includes the use of a complex password and ensuring that firewalls are active on your network router.
- Beware of links relating to COVID-19. Some links are potential ransomware and phishing techniques used by attackers to gain access to personal computers, devices, and confidential information.
- Always verify the security of wireless network connections before connecting your personal or work devices.
Prioritize your time spent online as much as possible to reduce avenues that could lead to risky behavior. The more time spent online could open doors to security vulnerabilities and attacks.
Organizations, Business Leaders and Top Management Despite the unprecedented COVID- 19 situation around the world, the business goals and objectives remain a top priority. Employers need to understand that their health and safety has both a direct and indirect impact on the overall business. Hence, organizations need to observe certain precautions:
- Top management should be aware of security exploits, vulnerabilities, and potential attacks happening around the world relating to the COVID-19 pandemic. Though business processes will be disrupted, adequate communication within the organization is crucial to inform employees and clients on security threats that may arise. Define a communication plan/strategy and make it visible to all stakeholders to ensure seamless business flow.
Restrict the use of personal devices to access sensitive and confidential business data. Employees working from home may connect to several wireless internet network access that may not be secured for processing and transmission of sensitive data.
- Innovation is key; find new and more efficient ways to work with employees and foster a good relationship with clients as the business environment evolves during the COVID-19 pandemic.
he table below shows a breakdown of an organizations core elements and the potential prevalent risk relating to the COVID-19 pandemic and the corresponding mitigation measures.
|People||Staff commuting daily to work can increase the spread of the infection
|Proper health checks on entry such as: Use of thermometers, hand sanitizers etc.
Use of remote meeting platforms..
|Process||Poor communication||Define a proper communication channel highlighting the chain of command.
Use of delivery reports.
|Technology||Vulnerability of infrastructure||Acknolegement of emails
Use of VPN
Update all software and Patches
Continuous monitoring of critical assets
In conclusion, while we are protecting ourselves from the virus, we must continue to protect our devices from cyber viruses. Note that your organization needs you to be a secure link in the security chain to reduce areas of security vulnerability and prevent intrusion into the organization’s network.
For more information on cyberattacks leveraging COVID-19 scare worldwide, here is a report by Cybersoc’s Threat Intelligence Team. For validation of any information on the COVID-19, refer to the appropriate authorities such as
NCDC (Nigeria Centre for Disease Control) on twitter https://twitter.com/NCDCgov World Health Organization website: www.who.int, twitter: https://twitter.com/WHO
Related Blog Posts
TOP 250 MSSps 2021 Edition
Cyber attacks leveraging on the Covid-19 scare Worldwide
Annual Cybersecurity Report - Nigeria 2019
TOP 250 MSSps 2022 Edition
Dear CIO – if you are seeking peace of mind… I may be able to help you
The importance of a Security Operation Center (SOC)
Why is the MSSP model transforming into the model of choice for enterprises?
Understanding and Mitigating Cyber Security Risks of Working Remotely
Cyber Criminals Target Enterprises in Nigeria – Cryptomining Attacks
How CyberSOC Africa is supporting Cybersecurity Awareness Month