The pandemic has turned 2020 into a year of medicine and information technology. The remarkable surge in the criticality level of medical infrastructure, read in conjunction with feasible across-the-board digitalization, led to many of our last year’s projections coming true-life much sooner than expected.

As we saw, there has been an increase in strikes on medical equipment in locations where the digital metamorphosi of healthcare is only just beginning. Interest in medical research has, of course, increased too among cybercriminals in particular groups specializing in targeted attacks. This was spurred chiefly by developing a COVID-1 9 inoculation and its potential significance for the world community. The biggest hullabaloo was around the WellMess campaign, which, according to Western intelligence agencies, sought to steal information about vaccines being developed in Canada, the UK and several other countries.

The topic of healthcare has become one of the most popular baits for assaults of differing complexity: from no-frills emails with malicious attachments through phishing to targeted attacks. To mislead consumers, attackers faked statements and documents from various medical bodies, including the WHO, and promised medicines and vaccines.

Since the outbreak of the pandemic, groups such as DoppelPaymer and Maze, known for targeted ransomware attacks, have announced that they will not pursue medical organizations in the current climate. All the same, healthcare is regularly targeted by cybercriminals. Recall that at the very start of the pandemic a hospital in the Czech Republic with one of the country’s largest COVID-1 9 testing facilities suffered a cyberattack. 2020 also realized the first substantiated instance when a patient died due to delays in receiving emergency care after medical equipment was infected by ransomware. According to public sources, 10% of all organizations hit by targeted ransomware between January and September 2020 were hospitals and other medical universities. In late October alone, more than two dozen US hospitals is under attack as part of a large-scale Ryuk and other targeted ransomware campaigns. Despite the fact that some groups did indeed refrain from running after medical facilities, others prosecuted them with redoubled vigor.

With the digital security of medical the organisations of the spotlight, especially after the above-mentioned Czech hospital incident, the infosec industry is focused on providing maximum support to healthcare systems. This led — at the very start of the pandemic — in the process of developing the CTI League, a voluntary organization of cybersecurity experts seeking to protect medical organizations and help them respond to cyber incidents. Hospitals have been assisted too by security software developers, including Kaspersky, which provided medical organizations with free access to its products.

Predictions for 2021

Onslaughts on COVID-1 9 inoculation and drug developers, and attempts to steal sensitive data from them, will continue. The world is not only fighting the disease, but witnessing a race between pharmaceutical firms, in which any significant breakthrough will likely result in targeted attacks on the company that made it. In countries with highly developed public healthcare, organizations in the private medical sector, most of which are small and medium-sized businesses( SMBs ), will face assaults. Protecting patient data and infrastructure is fairly expensive and thus difficult for SMBs to implement at the best of days, let alone during an economic crisis. Health-related cyberattacks will be used as a bargaining chip in geopolitics — attribution of onslaughts necessitating serious consequences or aimed at the latest medical developings is sure to be cited as an statement in diplomatic disputes. Next time will see a creek of the report of the working about patient data leakages from cloud services. Medical organizations’ transition to cloud infrastructures and storage of personal information in them is already creating additional dangers. Given our correct projection last year that interest in user health data would grow, healthcare institutions must devote serious energies to protecting their cloud infrastructures right now. Medication as a bait topic will be with us next year and remain current at least until the end of the pandemic. The human factor is one of the most important components of many onslaughts, and information about new regulatory restrictions, potential cares and patient health will continue to attract user attention. Leaked medical records will also become part of the hook in targeted attacks, since accurate patient info will construct fake messages far more credible. The focus on digital security in hospitals offers to be expected that 2021 will be the year when cybersecurity and healthcare join forces. Past experience has shown that pain lessons such as the Wannacry epidemic in 2017 and the coronavirus pandemic in 2020 are the very thing that incentivizes organizations to pay more attention to infrastructure security.

Read more: securelist.com