The number of cyberattacks on healthcare organizations has grown during the coronavirus outbreak, and the Israeli Health Ministry wants the sector to have adequate protection.
Reuven Eliahu, the ministry’s chief technology officer, unveiled the plan on May 7 during an online conference hosted by the networking platform Cybertech B2B. He was quoted as saying by The Media Line that the government’s aim was to establish a defensive system capable of providing healthcare facilities with real-time protection from attacks.
He went on to say that the Health Ministry had worked with FireEye, a California-based cybersecurity firm, to develop the initiative. The government will make the “cyber defense shield” available to all Israeli health organizations at no charge, he added.
The pandemic has led to an increase in cyberattacks on the healthcare sector
Eliahu, who also serves as supervisor of the Israeli Health Ministry system security and cyber division, described the initiative as an appropriate response to current conditions. Since the emergence of the coronavirus pandemic, he explained, the Health Ministry has observed a “very significant increase” in the number of attacks on healthcare facilities. “Our workers are at home, and it’s their home [systems] that are less protected” against phishing attacks and other campaigns, he said.
Some of the incidents appear to be coming from state-sponsored actors, including organizations based in Russia, North Korea and China, he added. “We see more and more state-sponsored players who are working as spies … Many are looking to get their hands on solutions to the virus,” he remarked.
He was speaking shortly before ClearSky, an Israeli cybersecurity company, said it had discovered an attempt by Charming Kitten, a hacking group believed to have ties to Iran, to target a company working to develop a treatment for COVID-19, the disease caused by the coronavirus. ClearSky was one of the sources that informed Reuters that Charming Kitten had launched a phishing campaign to steal the passwords used by employees of US-based Gilead Sciences.
Confidential data is a tempting target for cybercriminals
But biotech companies are not the only entities that will benefit from the Israeli Health Ministry’s cyber defense shield for the healthcare sector.
Eli Parnass, the regional vice president for Israel, Greece and Central and Eastern Europe at California-based Fortinet, told The Media Line that healthcare organizations were attractive targets in the age of coronavirus. “In the last couple of weeks, healthcare has become one of the most targeted sectors around the world, with many cybercriminals that are seeking to exploit the fragile situation that we’re in for their personal gain,” he said.
Parnass, who also spoke at the Cybertech B2B conference, said that cybercriminals had a wide range of options for mounting campaigns against healthcare organizations, including “targeted phishing and customized ransomware incidents to more common exploits such as malware and botnets.” They also have a strong incentive to target the sector because hospitals and other healthcare facilities hold so much valuable and confidential data that they are good candidates for ransomware attacks, he said. Organizations involved in telemedicine face extra risks because their patients do not always use secured devices or apps to contact their healthcare providers, he added.
He urged healthcare organizations to take extra steps to guard confidential data. Facilities should introduce multi-factor authentication protocols and take greater care when validating credentials, he said. Additionally, he said, IT professionals working in the healthcare sector should promote comprehensive endpoint solutions that offer “integrated visibility, control and proactive defense while providing secure remote access with a built-in VPN [virtual private network].”
Healthcare organizations must also secure their OT systems
But the Israeli Health Ministry cyber defense shield should cover not be limited to IT systems in the healthcare sector. The coronavirus pandemic has also made healthcare facilities and other critical infrastructure more vulnerable on the OT side.
Professor Yoram Weiss, the director of Hadassah Medical Center at Ein Kerem in Jerusalem, noted last week that many hospitals were installing new OT systems to facilitate the monitoring and treatment of COVID-19 patients. “As we add more electronic infrastructure, many times it is to monitor the patients from afar, and not from their bedside,” he explained to The Media Line. “But you always have to keep in mind the possibility that you are putting stuff on not entirely secure lines.”
If security for OT systems is insufficient, he warned, patients could suffer. If cyberattackers found ways to hack into a hospital’s HVAC systems, for example, they could turn a building’s air ducts into new vectors for the spread of disease.
The best way to guard against such a scenario is to encourage communication between management teams, medical providers, and IT specialists, Weiss said. “For this reason, it is key for managers to understand that they first need to keep security managers and cybersecurity [staff] in the loop when introducing new devices and infrastructure,” he said. “Hospital employees during this time are very strained and have a lot of workload, but it’s important to make them aware.”