Health Care Organizations Struggle to Fight Evolving Threats Stemming From Pandemic

By Jane Anderson

Health care entities still trying to adapt to the “new normal” and come to grips with cyberthreats in the shadow of the ongoing COVID-19 pandemic are finding that those threats—many from well-organized international actors—are evolving rapidly and escalating.

Still, there’s good news mixed in: The increase in threats appears to have led to an increase in threat response activities, said Tim Keeler, founder and CEO of Remediant. “Specifically, we’ve noticed an uptick in the number of health systems (providers) and government entities being targeted, with near-daily headlines exposing the latest breach,” Keeler told RPP. “Alone, these shifts may not have impacted the cyber industry, but together these trends have led to noticeable differences in health care entities’ efforts to increase security—a trend reflected in the characteristics of our sales pipeline.”

When the pandemic first gained strength in March, experts warned of existing security risks such as phishing attempts and ransomware, plus new risks associated with the dramatic increase in telemedicine and telework.

In large part, those predictions have come true. For example, Rebecca Herold, president of SIMBUS360 and CEO of The Privacy Professor, said that phishing attempts have increased dramatically. “I personally received more email phishing attempts in the first week of March than in all of January and February combined. And I am not unique—I am seeing similar results experienced by others as well,” she said. Some of the attempts are sophisticated, she said, while others “look like the early types of phishing attempts that were first used back in the late 1990s and early 2000s.”

Some emails Herold has received include old passwords of hers that no longer are in use, along with subject lines reading “I RECORDED YOU!” They claimed to have recordings of her taken through her webcam. “I anticipate many people will fall for this message, and ones similar to it, since it will create fear and surprise in recipients who are not aware of such types of salacious phishing exploits,” she said.

This document is only available to subscribers. Please log in or purchase access.
Purchase Login
 


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field

First name field cannot be blank!
Last name field cannot be blank!
We will send you an email that will give you access to this entire article.
Email field cannot be blank!
Enter a valid email!
Company field cannot be blank!
Enter a valid company!
Title field cannot be blank!

We're committed to your privacy. The Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA) uses the information you provide us to contact you about our relevant content, products, and services. For more information, check out our Privacy Policy.


About SCCE

The Society of Corporate Compliance and Ethics (SCCE) is a non-profit, member-based professional association. SCCE supports our members' work with education, news, and discussion forums. We are a community of leaders, defining and shaping the corporate compliance environment across a wide range of industries and geographic regions. In developing and maintaining effective ethics and compliance programs, our members strengthen and protect their companies.

952.933.4977

About HCCA

The Health Care Compliance Association (HCCA), is a 501(c)6 non-profit, member-based professional association. HCCA was established in 1996 and is headquartered in Minneapolis, MN. We provide training, certification, and other resources to over 10,000 members. Our members include compliance officers and staff from a wide range of organizations, including hospitals, research facilities, clinics and technology service providers.

952.988.0141

Facebook Twitter LinkedIn
Copyright © 2024 by Society of Corporate Compliance and Ethics (SCCE) & Health Care Compliance Association (HCCA). No claim to original US Government works. All rights reserved. All information provided through this site, including without limitation all information such as the “look and feel” of the site, data files, graphics, text, photographs, drawings, logos, images, sounds, music, video or audio files on this site, is owned and/or licensed by SCCE & HCCA or its suppliers and is subject to United States and international copyright, trademark and other intellectual property laws. Any third party logos and/or content provided herein is owned by such third parties and is used by permission herein. Your use of this site to is subject to our Terms Of Use and Privacy Statement.
Cookie settings