It seems that COVID-19 isn’t the only virus healthcare organisations are having to fight, they are also the target of ongoing cyber-attacks. Worse still, the attacks don’t appear to be abating according to a joint advisory published yesterday from the UK’s National Cyber Security Centre and the US Department of Homeland Security Cybersecurity and Infrastructure Security Agency.
The joint UK and US advisory highlights ongoing activity against healthcare organisations involved in the national and international coronavirus responses. The advisory provides an insight into COVID-19 related cyberattacks and how healthcare organisations can combat them – it details a number of mitigations (see page 5).
So what’s top of list for mitigating the risk of attack?
- Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and configurations.
- Use multi-factor authentication to reduce the impact of password compromises.
- Protect the management interfaces of critical operational systems.
- Set up a security monitoring capability.
- Review and refresh incident management processes.
Cybersecurity will remain as important in the coming weeks as it will in the months ahead with healthcare organisations needing to remain vigilant for future attacks.
Do get in touch if you would like support on your organisation’s cybersecurity: we have an experienced and friendly data, IT and cybersecurity team.