Government and private hospitals in the Middle East region and beyond are being warned of an increased risk of ransomware attacks during the COVID-19 pandemic.
According to a statement issued by the global technology company, Acronis, cybercriminals “will target the government agencies, healthcare facilities and medical professionals treating patients during the COVID-19 crisis,” after it found a surge in ransomware detections in Europe by up to 7% in the last week of February 2020, followed by a 10% increase the week after.
“The COVID-19 pandemic has brought with it new challenges and new risks to the business environment and cyberspace is no exception,” said Acronis founder and CEO, Serguei Beloussov. “As most businesses and individuals are now required to go digital in a bid to ensure that their operations do not grind to a halt, they have also become easy targets with healthcare facilities becoming more vulnerable, because the systems that care for patients and lab work are often linked.”
WHY IT MATTERS
While it is not unusual for criminal activities to spike during times of crises, it is believed that cybercriminals taking advantage of the pandemic will not only have an impact on the targets/victims, but also on their patients. And despite announcements by hacker groups that they will refrain from targeting health facilities, Acronis advises against fully trusting in the statements issued.
“A lot of medical responders treating COVID-19 patients will be particularly targeted, because they will need immediate access to data, applications, and systems; and also because they are receiving a large amount of financing from governments in some countries which is attractive for cybercriminals,” the company said.
To reduce their risk of being attacked or hacked, healthcare facilities are advised to establish an anti-phishing strategy, which “includes training employees to recognise malicious emails and sites, or use email systems with integrated anti-phishing solutions.”
Additional advice by the company includes using two-factor authentication where possible; unique passwords for different services; automatic system updates, as well as deploying ransomware protection and anti-virus systems.
“Another effective way is to make public-facing websites static,” the company added. “Since some companies do not need complex content management systems on their websites, pre-rendered static pages are more secure.”
Meanwhile, the company’s Acronis Cyber Backup Cloud – which includes an integrated AI-powered anti-ransomware defence solution – will be offered free of charge to any new customer who was added by a service provider from 18 March.
“[This] will allow service providers to help organisations that must enhance their anti-ransomware and cyber protection posture – even if they had not budgeted for it,” said the company’s account manager for the Middle East, Toufic Maalouf.
ON THE RECORD
Beloussov concluded: “A lot of hospitals and medical facilities around the world have been held at ransom since the beginning of the lockdowns. Ignoring cyber threats for a hospital is like unplugging a ventilator from a patient.
“Cyber threats on the healthcare system are increasing and need to be addressed with priority from our governments as the lives of the patients are on the line.”
