A Primer on Cybersecurity and the Coronavirus

As the nation responds to a pandemic, public health and economic concerns are at the forefront of the public consciousness. But that doesn’t mean that other typically pressing matters – such as cybersecurity – shouldn’t also be considered during this trying time. In fact, cybersecurity is intertwined with both public health and the economy as an ongoing area for both individuals and businesses to monitor during a crisis. 

Every sector has been impacted by the coronavirus, but every sector is also impacted by cybersecurity in one way or another.  That’s true whether it’s referencing hospitals or other healthcare facilities, companies with individuals working from home, or normal people attempting to do good with charitable donations. If anything, the typical vigilance applied to cybersecurity threats should increase when faced with a crisis. 

Let’s take a closer look at the current state of cybersecurity during the coronavirus pandemic – the unique threats involved, who are most vulnerable, and what to watch out for. 

The government is monitoring cyber threats related to coronavirus

In times of crisis, it can be a natural reaction to look to the federal government for guidance. Just as the Centers for Disease Control and Prevention offer help treating and responding to the disease, another area of the government specializes in cybersecurity. 

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is tasked with securing and protecting our nation’s cybersecurity and critical infrastructure. On March 6 they released a reminder alerting people to watch out for cyber scams related to COVID-19. This can manifest itself in a number of ways. Hackers may disseminate emails with compromised attachments or links to malicious websites. They can use advanced social engineering to convince users to reveal personally identifiable information (or other sensitive data). 

It’s important to always be cautious when opening emails, particularly from senders you don’t recognize. CISA warns that any email with COVID-19 in the subject line, attachment, or link should be handled carefully and not opened if possible unless you can verify the identity of the sender. Watch out for calls for charitable donations on social media (more on that below) or text messages and phone calls related to COVID-19. 

CISA has provided some tips (with accompanying resources) to help you navigate the cyber landscape throughout the COVID-19 response, including: 

• Don’t click on links or email attachments on emails in which you either do not know the sender or that look suspicious. CISA has prepared two resources on this with more information: Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams.
• Only seek out COVID-19 information from trusted sources. This includes trusted, legitimate media sources or government websites. As more information becomes available about COVID-19, there is an overwhelming amount of data available via social media and the internet. Much of it is either unverified or flat out untrue. 
• Do not give out your own personal information over email. This includes anything tied to your identity or finances. 
• Before donating to charity, verify the validity of the organization. 
• For general tips on managing risk related to COVID-19, check out CISA’s page on Risk Management for COVID-19.

As coronavirus cyber threats grow, CISA will be sure to track these and send alerts out as needed. 

Disasters bring out malicious actors taking advantage of people’s good nature

Emergencies tend to bring out the best in people – one only needs to look to the doctors, nurses, healthcare workers and volunteers attempting to dull the spread of the disease for evidence of that. Unfortunately, it also brings out the worst in malicious actors looking to take advantage of others’ good intentions. As discussed above, many virtual scams arise whenever disaster strikes. 

These scams attempt to take advantage of people by playing on their fear about the coronavirus to solicit donations. It’s happened before: during the response to Hurricane Harvey in and around the greater Houston area in 2017, many cybercriminals attempted to exploit people’s charitable efforts. It’s a common trait of disaster response – when individuals are looking to help, there are always those looking to exploit that goodwill. These solicitations can often come in the form of emails that appear legitimate but are anything but. 

The Federal Trade Commission has a website dedicated to charity scams for more information. While it is natural to want to donate during times like this, be extra vigilant for scams. Verify the organizations you donate to. If you’re unsure of how to help, a great place to start is the National Voluntary Organizations Active in Disaster (NVOAD) website. This will provide guidance on who and where you can give, as well as what your funds will be going toward. NVOAD currently has a site set up specifically for the coronavirus response. 

Hospitals and healthcare facilities are susceptible to a cyber attack

Unfortunately, one of the subsets of the population most susceptible to a cyber attack during these trying times are hospital workers currently staffing a healthcare facility. 

An all-too-common trend in cybersecurity is a hospital or healthcare facility being hit with a ransomware attack. This is when a malicious actor hacks into a hospital’s IT system – often through a phishing email or other type of hack – and introduces software that locks it down. The facility is then asked for a ransom to unlock the system. Hackers can do this to electronic health records, medical devices, or any other type of system dependent on an internet connection. 

In 2016, the Hollywood Presbyterian Medical Center suffered this kind of attack. Hackers forced the facility to keep their systems offline for over a week until they paid a hefty ransom of $3.4 million. The facility reported they were forced to conduct all business using pen and paper while the IT systems were shuttered. It represented a massive inconvenience. While the attack ended without incident, it’s chilling to think about what could happen to a facility in the throes of the response to COVID-19. 

For this to happen at any time is obviously a problem, but to happen during a developing pandemic as hospital resources are stretched thin would be catastrophic. That’s why it’s important for hospital staff members to be incredibly careful when opening emails and attachments, especially from unknown sources, during times like these. 

The increase in remote work leads to cybersecurity vulnerabilities

Businesses are often vulnerable to cyber attacks as well. This vulnerability only increases when their workforce is spread out working remotely while communities practice social distancing. There are a number of reasons why remote work may increase a business’s vulnerability to a cyberattack, including: 

• Most employees will work using their home WiFi system. If these aren’t password protected – or feature a password that’s easy to guess – it may leave the employee’s computer and network vulnerable to a hacker. 
• Employees without a company PC or laptop may do work on their own devices. If these devices aren’t equipped with antivirus software or other security protections, they may also be susceptible to an attack. 
• Employees opening personal email on a company device may expose that device to potential phishing attacks, compromising the company’s entire network. 

Right now, remote work is a reality for many businesses, so there’s no way around it. That doesn’t mean it’s not extra important for employees to engage in remote work to practice good cyber hygiene. This involves the use of a VPN, not working on a personal device if one can help it, securing cloud desktops implemented at the company level, and securing their home networks with solid password protection. 

Virtual meetings are also a potential target

As video conferencing and other types of virtual meetings become more commonplace, they can also serve as a potential target for hackers. Unlike in-person meetings conducted in a conference room at your facility, video conferences are conducted over an internet connection with multiple individuals calling in from their devices. People attending these meetings often share proprietary data or sensitive information that could lead to the company network in question being compromised. 

The National of Institute of Standards and Technology (NIST) released a blog post titled “Preventing Eavesdropping and Protecting Privacy on Virtual Meetings.” This post provides guidelines and tips on how to practice good cybersecurity as your meetings go virtual. This includes not reusing access codes, not starting the meeting until the host joins the room, ensuring all attendees notify themselves when entering, and more. 

As your business responds to the coronavirus and the cascading effects associated with it, it’s more important than ever to have secure IT systems you can trust. Your entire suite of IT services should leave you feeling confident even during times of uncertainty. To help you get there, partner with a trusted provider who understands the challenges associated with implementing secure IT systems. Applied Innovations is that partner. For more on how we can help your business maintain proper cybersecurity, contact us today!