Covid-19: Health sector under siege from cybercriminals
Pretoria - With criminals taking advantage of the Covid-19 pandemic, the health sector has come under siege from cybercriminals aiming to disrupt and profit from healthcare services.
Cybersecurity specialist Mikey Molfessis from Mimecast issued the warning to South African healthcare organisations and people who depend on them.
He said the healthcare sector and people who depend on it are now at increased risk of falling victim to cyberattacks.
This comes shortly after globally used email service, Gmail, has everyday been blocking over one million emails targeting vulnerable employees working from home.
He said with the peak of the pandemic expected to reach South Africa between the end of June and September cybercriminals are likely to continue their campaigns to disrupt and undermine the healthcare sector’s critical work.
Molfessis said: “Healthcare organisations need to reinforce best practices in data protection, especially as it relates to the privacy and security of critical patient data.
“The deployment of additional healthcare tools such as Telehealth, mobile location data, social contact tracking and facial recognition represent a potential pandora’s box of data security risks that cybercriminals are attempting to exploit.”
He said according to reports, cyberattacks on global healthcare organisations have surged in recent times.
An Interpol report found that cybercriminals are targeting critical healthcare institutions with ransomware, which can cause near-catastrophic disruption and significant financial losses for hospitals dealing with the sudden increase in Covid-19 patients.
“If healthcare systems were to go down or data held ransom, lives could be lost. With governments around the world also increasing their testing and contact tracing capabilities, any disruption or corruption of healthcare data could have disastrous effects on healthcare institutions’ ability to respond to the pandemic.”
He advised that healthcare organisations in the public and private sectors should ensure they have adequate security measures in place to protect the data of patients from being breached.
“Measures include putting effective security and encryption protocols in place to protect electronic records, having data loss prevention software in place to control what data is shared through emails.
“This includes protecting the organisation against malicious websites that the workers may inadvertently visit and conducting regular awareness training to ensure healthcare workers can identify and avoid potentially risky behaviour.”