Cybercrime is off the charts, with one cybersecurity research firm estimating that ransomware has increased a whopping 715% worldwide over the same time last year during the first half of 2020. The detailed study published September 9, the Mid-Year Threat Landscape Report 2020 from Bitdefender takes a global view, delving into the various types of threats and tactics, organizations’ vulnerabilities, and defenses.
Cybercriminals continue to make money on cybercrime by extorting organizations desperate to pay a ransom to get their data back. Cybercrime also costs time and money for the investigations, repair, and recovery after the fact. Loss of reputation, even loss of business, can result. In healthcare, cybercrime also puts lives at risk; and ransomware is a double whammy, since a ransomware attack is presumed to be a breach, triggering the HIPAA breach notification rule.
COVID-19 (and Fear) is the Theme of 2020
As the pandemic unfolded, people were afraid, wanted answers and sought help online, opening doors for criminals. We first wrote about the cybersecurity chaos around the pandemic in March, when the Department of Homeland Security issued warnings about phishing attacks using COVID-19 to create fear and convince people to open attachments or reply to malware. We wrote about it again in July when we learned of massive attacks against academic institutions conducting COVID-19 vaccine research, and virtual private networks (VPNs) used by people working from home.
From the Bitdefender Report’s Executive Summary:
A defining characteristic of the first half of 2020 in terms of threats and malware is that they all played on the same theme: the pandemic. A spike in scams, phishing and malware across all platforms and attack vectors seems to have been a direct result of cybercriminals leveraging issues related to Covid-19 to exploit fear and misinformation.
Other Key Trends in Cybersecurity
At Home During the Pandemic
Social distancing requirements are causing many to work from home, and people are using the internet more hours every day, to work, connect with family and friends and for entertainment. They’re reading and shopping more online, perhaps while still using the virtual private network set up by their employer to keep them connected to the office. That VPN connection puts more networks at risk.
By far, the most attacks, whether ransomware, malware, spam or phishing, still occur through email. The Report estimates that on average, during the first half of 2020, four out of 10 Coronavirus-themed emails were tagged as spam.
Another finding is that hackers are not necessarily increasing the sophistication of malware, but are relying on social engineering – psychology – to trick people to open attachments, reveal personal information, or passwords, or click on a link. The good news is that social engineering tactics can be fought with workforce training, to help people recognize tricks and not become victims. This training helps the organization, but it also helps individuals in their personal lives, as they become better defenders of their personal data.
The Internet of Things (IoT) is Vulnerable
Devices that interconnect and bring us information no matter where we are are convenient and easy to use, which has caused an explosion in their popularity. Routers, refrigerators, smartwatches, smartphones, and digital assistants (and the list goes on) all present opportunity for exploitation by hackers. All of these devices have passwords and software which, if not updated, can be entry points into a home network, and then, to another connected network – like an employer.
The Bitdefender Report lists potential weaknesses of the IoT:
- Weak or default passwords that were never changed by users
- Vulnerabilities never addressed by manufacturers
- Companies that abandon support quickly after launch
- Old devices that reached end of life (EOL)
“Ransomware as a Service” Spreads the Threat
An increasing method of cybercrime is a service offered by a more sophisticated criminal to one with less savvy, or less resources, who then uses the service to attack others. Anyone looking for a quick profit can buy a ransomware tool on the dark web. This tactic has fueled the ransomware increases this year.
Avoid Ransomware with Simple Prevention Steps
Ransomware is one of the most dangerous and costly attacks that can happen in health care because the health and safety of patients is at risk.
But there are ways to prevent it, or greatly reduce the chance of it happening. The first thing to do is a full HIPAA Risk Analysis and follow the Risk Management plan. We’ve written extensively about Risk Analysis and Risk Management, including deep dives into specific tasks required, like business associate due diligence, an IT asset inventory and how to create a contingency plan but prevention of ransomware is more basic. (Ransomware prevention and recovery should also be part of the contingency plan.)
The four tasks that will do the most to eliminate or greatly reduce the risk of ransomware are:
- Back up data remotely in a way that is unconnected to the main network, so any infection or intrusion cannot reach the back-up.
- Apply updates and patches to software as soon as it’s available.
- Use multi-factor authentication across the network, to prevent a hacker from finding pathways farther in, even if they do gain an initial foothold.
- Workforce training is required by HIPAA, and should be provided on regular basis in an environment that encourages questions. Cybersecurity training can make a huge difference by raising awareness, showing staff examples, and teaching them the latest tricks and how to avoid them.
Good HIPAA compliance is a blueprint for preventing cybersecurity threats. Follow the rules, step-by-step and your data can stay secure.