The Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) have released a joint warning about an increase in cyberattacks focused on organizations treating and researching the COVID-19 pandemic.
The stress that this pandemic has put on healthcare, pharmaceutical, and medical industry facilities has provided cybercriminals with an ideal opportunity to attempt to infiltrate systems and steal data in a time when busy workers are too overburdened to be vigilant about cybersecurity.
Patch your software. Cyberattackers are scanning the websites of targets and looking for openings in unpatched software. They’ve been known to take advantage of Office 365 vulnerabilities, Citrix vulnerability CVE-2019-19781, and vulnerabilities in VPN products from Pulse Secure, Fortinet, and Palo Alto. Patching everything, every time there’s an update closes these windows.
Defend against password spraying. Bad actors love to use this tactic – they collect details about a target from online sources, identify target accounts, then barrage those accounts with common passwords in the hopes of land a hit that opens the door. Adding Multifactor authentication to every login prevents password spraying attacks from landing.
Keep your security up to date. Is your cybersecurity plan ready to handle constant, sophisticated attacks? Outdated cybersecurity practices and old solutions just aren’t enough to protect against modern attacks. Get an expert assessment to make sure that you’re using a digital risk protection platform that’s ready for today’s threats.
The importance of maintaining strong security has never been higher for any institution in the medical, pharmaceutical or healthcare industry. No company that is trying to fight this pandemic needs the complications that come from a successful cyberattack to complicate their work. By putting smart protections in place now, companies can reduce the chance of disruption by cybercriminals later.