Kaspersky predictions for 2021: patient data leaks and more attacks on healthcare. Due to the corona pandemic, the topic of IT in the healthcare sector has become more explosive.
The security experts at Kaspersky assume that there will be leaks of patient data in the cloud in the coming year and that health organizations as well as vaccine and drug manufacturers will be increasingly exposed to cyber attacks.
Digital transformation of the healthcare system
As Kaspersky predicted last year, attacks on medical devices have increased in countries where the digital transformation of healthcare has only just begun - and with them the interest of cyber criminals. Above all, the development of a corona vaccine and the associated importance for all societies worldwide is the focus of cybercriminals for targeted attacks: this year, the WellMess campaign [2] targeted various institutions in Canada, Great Britain and the USA, which are involved in research for a Covid-19 vaccine; Last week, the vaccine manufacturer AstraZeneca is said to have been attacked by North Korean hackers [3].
In addition, the topic of health was misused for other attacks of various complexity: from simple e-mails with malicious attachments to phishing and targeted attacks. In order to deceive users, the attackers forged statements and documents from various medical institutions, including the WHO, and promised drugs and vaccines.
Lessons learned from 2020
The security experts at Kaspersky provide an outlook on the most important developments in the threat landscape for the year 2020 on the basis of their knowledge gained in 19 and the developments relating to Covid-2021, so that the healthcare sector can better prepare for cyber threats:
- Cyber attacks on COVID-19 vaccine and drug developers and attempts to steal sensitive data. In addition to battling the disease, the world is witnessing a race between pharmaceutical companies in which any significant breakthrough is likely to result in targeted cyber attacks on that company
- Attacks on small and medium-sized companies in the medical sector. In countries with highly developed publicly available healthcare, SMEs in the private medical sector will be exposed to attack. The protection of patient data and infrastructures is quite expensive and therefore difficult to implement for some companies - especially in economically challenging times.
- Health-related cyberattacks are becoming a means of geopolitical pressure. The attribution of such attacks will be used as an argument in diplomatic disputes.
- Patient data leaks from cloud services. The increasing use of cloud infrastructures by health institutions and the storage of personal information in the cloud entails additional risks. In view of the received Kaspersky forecast from last year that interest in health-related user data will increase, healthcare facilities must take serious measures to protect their cloud infrastructures.
- Medical topics remain bait topics. The human factor is one of the most important components of many attacks and information about new restrictions, possible treatments, and patient health will continue to attract user attention. Kaspersky experts believe that leaked medical records are used in targeted attacks, as accurate and correct patient information gives fake messages more credibility.
- A stronger focus on digital security in hospitals. The past has shown that security incidents like the Wannacry epidemic in 2017 and the coronavirus pandemic in 2020 are exactly what drives companies to pay more attention to the security of their infrastructure.
More on this at SecureList from Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/