Digital processes and experiences persist in healthcare as the COVID-19 pandemic continues. For patients, this means paying more bills online and using virtual care options when medical attention is needed but not life-threatening. Healthcare providers are changing business operations to enable more digital interactions. This includes a shift to remote work to help maintain social distancing and other physical safeguards. This heavily digitized "new normal" also presents a new vulnerability for cybersecurity attacks.
Cybercrime Grows During the COVID-19 Pandemic
The rise in remote working arrangements and the digitization of business operations creates an opening for hackers. Healthcare organizations are a prime target for cybercrime given the sensitive nature and depth of medical data and payment information that lives on their networks. IBM Security's 2020 Cost of a Data Breach Report noted that the average cost of a healthcare data breach is $7.13 million. Within weeks of declaring COVID-19 a pandemic, the U.S. Health and Human Services Department experienced a distributed denial-of-service (DDoS) attack. In April 2020, the World Health Organization reported a five-fold increase in cybersecurity attacks.
5 Types of Cybersecurity Attacks
More digital vulnerabilities make healthcare organizations even bigger targets to cybercrooks. Becoming familiar with the tactics of hackers and other types of cyber criminals can help you know what to look out for to better protect against costly data breaches.
You'll want to guard against social engineering, a method of intrusion via digital or in-person interaction designed to trick someone into breaking security protocol and sharing confidential information. Criminals use social engineering tactics to gain employee credentials, compromise authentication systems, take over social media accounts, and more.
Here are five examples of common types of cybersecurity attacks facing healthcare today.
Business Email Compromise (BEC)
BEC involves a scam to obtain confidential, personal, or financial information from business contacts through email. Tactics include the following:
- Email spoofing or masking involves emails with forged headers that hide the message's real point of origin. Criminals use this method to trick employees into sharing sensitive company and client information and initiating payments using fraudulent instructions.
- Client email compromise happens when criminals access an employee's email account or a corporate network to understand the communication style of a company's client or customer. The hackers then mimic this communication style in interactions with members of the organization to commit fraud or steal confidential information.
- Business partner email compromise is an exploit where criminals impersonate an organization's business partners or vendors via email interactions to gain access to data and company information.
- A lookalike domain closely resembles the domain of a legitimate organization. Criminals use these domains to set up email accounts and send phony messages to employees to gain access to critical company information.
Phishing is the act of sending fraudulent communications that appear to be from reliable sources to trick victims into sharing information or downloading malware. This tactic often relies on emotions and plays to a sense of urgency or fear. Criminals use this approach to access systems and personal data or to enact financial fraud. Types of phishing include attacks that target individuals rather than groups (spear phishing) and attempts to coerce information through voice communications on the phone (voice phishing or vishing).
Criminals use ransomware to extort organizations by encrypting and holding their data hostage until a ransom is paid. Ransom costs vary based on the ransomware type and the criminals using it. The FBI's 2019 Internet Crime Report notes that the FBI received over 2,000 ransomware-identified complaints with adjusted losses of more than $8.9 million. Impacted organizations risk the permanent loss of data that can make it hard for the business to operate properly. In October 2020, the U.S. Cybersecurity and Infrastructure Security Agency issued a warning related to ransomware, stating that "There is an imminent and increased cybercrime threat to U.S. hospitals and healthcare providers."
Remote workers often rely on mobile devices for communication needs. This opens another channel for criminals to harm organizations. Malicious and spoofed company applications, the removal of operating system restrictions, and the use of public Wi-Fi can all increase exposure to attack.
Compromised Business Social Media Accounts
Social media is a popular channel for hackers looking to infiltrate organizations and personal data. Their method of approach is to target accounts of the business and individual employees. The use of unauthorized and vulnerable third-party applications to access social media accounts, human error, and interacting with imposter accounts can all lead to serious security threats.
Tips to Help Prevent Cyber Attacks
It's important to use secure and compliant systems to protect against cyberattacks. Make sure everyone at the company understands their role, too.
Here are tips for how employees can help prevent cybercrime:
- Only use company-approved email platforms and tools. For added protection, these tools should offer spam filtering and multi-authentication.
- Only click links and open attachments from trusted sources.
- When engaging with colleagues or IT personnel, always verify their credentials and any other business-related identifiers to confirm their identity. Don't be afraid to contact your IT colleagues via their business phones to confirm any remote access requests. Never share your password information.
- When working remotely, treat your computer the same as you would when in the office. Be sure to lock your screen when away from your computer and use strong passwords when updating your credentials.
- Always ensure that your software, browser, and operating systems are up to date.
- Always keep your machine's anti-virus and ad-blocking software on.
- Never enter personal credentials on a website when using public wi-fi.
- When on your home network, be sure to update the default password before logging on. Then, create one for yourself and your work and another for guests and children.
Learn more about secure solutions to protect your healthcare payments and data. See InstaMed in action.
InstaMed, a J.P. Morgan company, powers a better healthcare payments experience on one platform that connects consumers, providers, and payers for every healthcare payment transaction. InstaMed's patented, private cloud-based technology securely transforms healthcare payments by driving electronic transactions, processing payments, and moving healthcare data seamlessly, and improving consumer satisfaction. Consumers, providers, and payers benefit from InstaMed's exclusive focus on healthcare, integration into any healthcare IT system, robust analytics, and proven scale.