Covid-19 catapulted the health industry to the forefront of cybersecurity in 2020, but it is likely that the dangers will continue and grow over the next year.
Threats from nation states and criminals to the health care sector are a growing concern.
The massive logistical challenge of rolling out vaccines poses the risk of upsetting complex supply chains.
And criminal ransomware presents a threat at a time when the pandemic has intensified our dependency on technology.
Chain of supply
Distribution of various coronavirus vaccines may bring relief, but it also poses a big challenge: all of those concerned have not had to think hard about protection in the past.
The dynamic global supply chain for vaccines extends from factories in one part of the world to Internet-connected refrigerators in another.
It would create new burdens on doctors’ surgeries, IT processes, and sometimes small providers that have a vital role to play.
IBM has also confirmed that it has seen alleged hackers threaten the “cold chain” used to hold supplies at the correct temperature during transport.
And in the United Kingdom, the National Cyber Security Centre, which worked quickly as the pandemic started to protect vaccine studies, has now diverted its efforts into vaccine distribution.
At least the major pharmaceutical firms are no strangers to cyber-espionage. Their security officials claim they first started thinking hard about the problem after a massive espionage campaign back in Spring 2010.
But the pandemic problems have changed the value of the industry.
“We are now on a grander stage,” says one person concerned.
In July, the UK accused Russian intelligence of targeting science, including the Oxford vaccine, while the US accused Chinese hackers of similar behaviour.
The rise of “vaccine nationalism” has prompted intelligence and security officials to raise concerns about whether countries could try to hinder the efforts of others to move forward.
“It could be trying to steal the intellectual property for financial purposes,” said Tony Ugoretz of the FBI at the latest Aspen Institute Cyber Summit.
“This may be to weaken confidence… or to benefit the growth of another nation.
“We see our most determined nation-state adversaries not just relying on one method to target the supply chain, but combining cyber with using more traditional espionage and human sources.”
One of the much discussed strategies is the deliberate spread of disinformation online about vaccines, or the criticism of the country’s protection and testing record.
The 77th Division of the United Kingdom Army sponsored a Cabinet Office inquiry into whether foreign states are driving anti-vaccine concerns within the United Kingdom.
Most sentiment was generated domestically, said Sir Patrick Sanders, Head of Strategic Command at the recent Chatham House function.
And he raised the possibility of vengeance.
“Where these things are being fuelled from overseas, then we will take action, and if the NCF (National Cyber Force) has a part to play in that, it will.”
Cyber-Blackmail Campaign
But amid fears about governments, analysts claim, criminal ransomware, locking people out of their devices and data until they pay, remains the most serious and persistent threat.
There was some chatter among criminal gangs at the beginning of the pandemic that they would not be attacking health. But it didn’t last, and the assaults multiplied.
A recent report by the security firm Positive Technologies notes that half of all cyber attacks on healthcare were ransomware in the July-September quarter of 2020.
US hospitals have been worse hit than those in the UK. It is thought this is because criminals see them as richer than their NHS counterparts.
In just 24 hours in October, six American hospitals received ransom demands of at least $1m (£810,000), leading to some cancer treatments being cancelled.
“The healthcare sector has become such a big, rich, juicy target,” said Greg Garcia, Executive Director of the US Cyber Security Council of the Health Sector Coordinating Council.
“It’s as if they moved on from the financial services sector.”
The UK has made strides to fix weaknesses in the NHS systems exposed by 2017’s WannaCry ransomware attack. Even so, there are concerns it could be hit again.
Dr. Saif Abed has been warning for a long time that such an attack could kill a patient.
He is a retired national health care physician who has left private practice to set up the AbedGraham Group, which advises on IT safety risks to health.
“The thing that’s really concerning is that attackers now understand the concept of clinical urgency,” he adds.
“They understand: ‘If we create a risk that disrupts the ability to provide patient care, we’re more likely to get a payout.’”
His fear is that the pandemic has accelerated the digitization of health.
While this has brought benefits such as online consultations, he says that the investment needed to keep Internet-connected networks and devices safe has not kept pace.
Dr. Abed said he also hears safety researchers speak of hacking insulin pumps to kill someone.
But the higher risk, he notes, is that more systems are wired together while staying vulnerable, adding to the risk of a cascade effect.
He continues that his key fear is that criminals switch from only locking organisations out of their health data to starting to tamper with it, posing risks to patient safety.
The desire to limit further outbreaks of Covid-19 may also give rise to more attempts to exchange data more broadly.
And that, in fact, may offer further opportunities to steal or subvert it.
Another sign that cyber defence is going to be on the front line in 2021.