Cybersecurity crisis management during the coronavirus pandemic

The coronavirus pandemic is arguably the first time a biological virus has a significant impact on the security industry. Cybercriminals can exploit the vulnerabilities in the security protections of medical facilities, homes and factories. At the same time, a handful of governments have rethought physical security with surveillance infrastructure to enforce coronavirus quarantines.

The pandemic could also catalyze technological and regulatory change, according to Aleksander Poniewierski, global Internet of Things (IoT) leader at EY. The stress of the pandemic will leave many people vulnerable to social engineering —  deceptive tactics to manipulate individuals into divulging confidential information — in coming months, Poniewierski said.

The rapid shift to remote working, for office workers as well as executives monitoring IoT-enabled operations remotely, opens up threats related to expanded network access.

“We can expect large-scale implementations of automation and remote-working infrastructure without using robust architectural planning,” Poniewierski said. “Many employees are creating command centers in their home environment with minimal security protections. ”

A ‘Perfect Storm’ in Health Care
The health care industry, which has struggled to secure connected medical devices and legacy equipment in recent years, will likely be pushed to the limit in upcoming months. The potential of COVID-19 to spread exponentially could quickly overwhelm hospital systems, as McKinsey has observed. That fact opens the door for a surge in ransomware and other attacks, said Jarrett Kolthoff, chief executive officer at SpearTip. “Any organization in turmoil faces a potentially increased cyber-risk,” he said.

Already, the University Hospital Brno, which is one of the Czech Republic’s largest coronavirus test centers, suspended operations on March 13 after a purported ransomware incident. The malware delayed surgeries and testing of dozens of coronavirus samples. In the U.S., ransomware has temporarily blocked public coronavirus updates on a Champaign-Urbana Public Health website.

Previous ransomware attacks on health care institutions have established a dangerous precedent. The 2017 WannaCry attack, for instance, affected many hospitals as well as devices such as network-connected imaging and nurse call systems.

Complicating matters, “many IoT-enabled health care devices are not updated with the latest operating systems and security patches,” Kolthoff said. Applying security patches to medical systems could introduce new bugs as they fix others.

Hospitals under duress are also more likely to pay ransoms in the event of a ransomware attack. “At this time, it’s natural [for hospitals] to focus on continuing operations of critical services,” said Hardik Modi, a senior executive at Netscout Systems Inc.

Critical Infrastructure Could Also See an Uptick in Risk

Local governments and critical infrastructure must also contend with strained, unreliable communication channels, according to a New York Times article. As with health care, many industrial organizations find themselves looking to modernize while continuing to use aging technology. “And in the manufacturing realm, you have this labor shortage, and many companies are trying to move to technology-driven production,” Kolthoff said. Industrial organizations have valuable information on their networks, and, given the high cost of downtime, are often willing to pay in the event of a ransomware attack.

To read the complete article, visit IoT World Today.