It is one of the classic examples of nothing being sacred. At a time when healthcare is the frontline in the war against the Covid-19 pandemic, the sector is under siege from ruthless cybercriminals aiming to disrupt and profit from these services during the crisis.
According to Interpol, cybercriminals are targeting critical healthcare institutions with ransomware, which can cause near-catastrophic disruption and significant financial losses for hospitals dealing with the sudden increase in Covid-19 patients. If a healthcare system were to go down or data held ransom, lives could be lost. With governments around the world also increasing their testing and contact tracing capabilities, any disruption or corruption of healthcare data could have disastrous effects on healthcare institutions’ ability to respond to the pandemic.
Mimecast, an international cloud-based email management company, says South African healthcare organisations and the people who depend on them are increasingly at risk of falling victim to cyberattacks.
“Healthcare organisations need to reinforce best practices in data protection, especially as it relates to the privacy and security of critical patient data,” says Mikey Molfessis, a cybersecurity specialist at Mimecast. “The deployment of additional healthcare tools such as telehealth, mobile location data, social contact tracking and facial recognition represent a potential Pandora’s box of data security risks that cybercriminals are attempting to exploit.”
Molfessis advises that healthcare organisations in the public and private sectors should ensure they have adequate security measures in place to protect the data of patients from being breached.
“Measures include putting effective security and encryption protocols in place to protect electronic records, having data loss prevention software in place to control what data is shared via emails, protecting the organisation against malicious websites that the workers may inadvertently visit and conducting regular awareness training to ensure healthcare workers can identify and avoid potentially risky behaviour.”
With the peak of the pandemic expected to reach South Africa between June and September only, cybercriminals are likely to continue their campaigns to disrupt and undermine the healthcare sector’s critical work.