Cybersecurity Threats Targeting Health Organizations Amid the COVID-19 Pandemic

Cyber-Attack
Author’s Name
Institutional Affiliation
Course Code and Name
Professor’s Name
Date
Cyber-Attack
Abstract
Cyber-attacks targeting health organizations' computer systems have been on the rise during the period of the coronavirus pandemic. Cybercriminals are taking advantage of the strain on health institutions caused by the increase of COVID-19 caseloads. Cyber-attackers are driven by different motives when breaching health organizations' computer networks. My research is vital since it helps identify why cybercriminals are targeting health organizations amid the coronavirus pandemic. First, hackers are motivated by money. When these criminals use malware, such as TrickBot or BazarLoader, they disrupt hospital services and ask for exorbitant costs to restore normal operations. Second, some hackers are motivated to steal patients' data and use it in fraudulent activities or sell it on the black market. Third, another group of cybercriminals is inspired to penetrate and remain in computer networks for an extended period to manipulate patients' data. The last group of hackers is dangerous since it can influence physician decisions' adversely. The primary aim of this paper is to show why there has been a rise in cyber-attacks affecting hospitals and why hackers are targeting medical organizations amid the COVID-19 pandemic.
Introduction
The COVID-19 pandemic has increased hospitals' vulnerabilities to cyber-attacks. Incidents of cyber-breaches affecting health institutions have been on the rise since the onset of the coronavirus pandemic. Hackers have been targeting hospitals that are strained by cases of COVID-19 since they know that little attention is given to the maintenance and monitoring of their computer systems. Cybercriminals are targeting health organizations due to three primary reasons. First, they want to disrupt service delivery and ask for a lump sum to restore normal operations. Second, hackers target hospitals to steal patients' data and use it in fraudulent activities or sell it on the black market. Third, cyber-attackers want to manipulate patients' data, which can mislead physicians' treatment decisions, and remain in the system for an extended period to access more information. The primary research question for this research paper is to determine why hackers are increasingly targeting health organizations' computer networks during the period the world is fighting against the COVID-19 pandemic. Cybersecurity in the healthcare sector should be studied to identify various strategies that can be used to eliminate it. Specifically, the interconnectivity of electronic devices in health organizations is rapidly increasing, which makes hospitals' computer systems more vulnerable to hacking. Without understanding why hacking has been growing during the period of the coronavirus pandemic, it would be tough to stop it. Healthcare is a sensitive field that deals with people's lives, which should be safeguarded at all the time regardless of whether there is a pandemic or not. Besides, if information systems are rendered inoperable, the operations of health organizations would be paralyzed, and many individuals might lose their lives. The paper focuses on recent articles showing why there is an increase in cyber-attacks affecting hospitals' computer networks and the reasons hackers are targeting health organizations during the period of the COVID-19 pandemic.
Literature Review
Currently, health organizations cannot operate efficiently and effectively without using technology. Many hospitals have already implemented electronic health recording systems, and others are doing it to improve patient care. Although this is the best move, the use of technology in health organizations leads to various challenges. One of the problems is hacking, which has been rapidly increasing during this time. The world is fighting against the coronavirus pandemic. Hackers have different motives, namely to disrupt medical services and ask money to restore operations, to steal patients' data and sell it in the black market, where it's used for fraudulent activities, such as identity theft, and to manipulate patients' data, which might mislead physicians in their treatment decisions.
In late 2020, many hospitals in the United States of America (USA) were strained by the rapidly increasing cases of COVID-19, which allowed hackers to look for security loopholes to penetrate their computer systems. The European Medicines Agency (EMA) was one of the affected health organizations. Hackers accessed the vaccine data from Moderna and Pfizer and leaked it online after manipulating the data to undermine the credibility of the vaccine to the public (Drees, 2021). These cyber attackers were not motivated by financial gains but rather manipulated vaccine data to tarnish the name of pharmaceutical companies involved and undermine the vaccine's credibility. According to Curtis Cole, the chief information officer (CIO), managing director, and assistance vice provost of information services at Weill Cornell Medical College, New York, such type of hackers have an objective of undermining the data source and damage the reputation of legitimate researchers and their organizations (Drees, 2021). Additionally, Christian Dameff, the medical director of cybersecurity and the managing director at UC San Diego Health, said that these cybercriminals wanted to manipulate the data to raise safety concerns of the vaccine. Such cyber-attackers are the ones who breach hospital networks, manage patients' data, and remain in the system for an extended period without being identified.
Lynne Coventry and Dawn Branley assert that the increased connectivity of health organizations’ computer networks has exposed medical electronic devices to cybersecurity vulnerabilities. Today, a typical hospital bed in the USA has around 10 to 15 connected devices (Coventry & Branley, 2018). Besides, the interconnection of devices in the health institutions has numerous benefits, such as facilitating efficiency, remote monitoring of patients, automation, and error reduction. Researchers say that cybercrime targeting the medical sector has been on the rise since healthcare has valuable data that cybercriminals can sell on the black market (Zwilling, 2021). Notably, hackers are motivated to attack health organizations so that they can obtain data to sell in the dark web, which is used in fraudulent activities (Abukari & Bankas, 2020). The cybersecurity problem in the medical sector did not start when the COVID-19 pandemic started, but rather coronavirus has made many hospitals vulnerable since they are not attentive in safeguarding patients’ data due to increased coronavirus caseloads.
Michelle Drolet, the chief executive officer (CEO) of Towerwall, says that cyber-attacks targeting health organizations have been a severe threat of 2020. Cybercriminals perceive the medical sector as a profitable industry since their primary objective is to cripple hospitals' computer networks and demand for high costs to restore the services. The Federal Bureau of Investigation (FBI) has continually cautioned health organizations to protect patients' data since potential cyber-attacks from malware, such as TrickBot and BazarLoader, are paralyzing hospital operations (Drolet, 2021). For example, when the UVM Health Network encountered a cyber-breach, about 5,000 computers in the network were rendered inoperable. Notably, 300 employees were furloughed for approximately 40 days before the computer network was restored, which cost the hospital around $63 million (Drolet, 2021). Consequently, cyber-attackers target hospitals to benefit financially.
Lallie et al. (2021) depict that for a cyber-crime to take place, three primary factors, namely a victim, an opportunity, and motive, must exist (Lallie et al., 2021). In the scenario at hand, the victims are health organizations, particularly those with increased caseloads of coronavirus. The opportunity is COVID-19 since the increased infections shift the attention of many hospitals by thinking about what they can do to address the health issue. When it comes to the motive, it is money that hackers want. Cyber-attackers can achieve this objective by selling patients' data in the black market or asking for a lump sum to restore operations in health organizations they have breached (Hejase, Fayyad-Kazan, Hejase, & Moukadem, 2021). Besides, hackers know that health organizations are profitable businesses and that they are likely to get money they ask for to restore operations since hospitals do not want to risk their patients' lives.
Hackers are using the COVID-19 pandemic as an opportunity to make profits. Figure 1 below shows cybersecurity threats targeting health organizations amid the coronavirus pandemic (Khan, Brohi, & Zaman, 2020).
Figure 1: Cybersecurity Threats Targeting Health Organizations Amid the COVID-19 Pandemic.
Khan et al. (2020) portray that malicious attackers are using the coronavirus pandemic as an opportunity to make profits. As shown in figure 1 above, healthcare systems are breached using malware, spam emails, denial of service attacks, malicious domains and social media messaging, and ransomware, which compromise patients’ records integrity and confidentiality (Khan, Brohi, & Zaman, 2020). When hackers launch attacks successfully, they ask for money to restore normal services. Additionally, Menaka Muthuppalaniappan and Kerrie Stevenson reveal that cybercriminals are capitalizing on hospitals’ vulnerabilities during this period of the coronavirus pandemic to benefit financially (Muthuppalaniappan & Stevenson, 2021). The primary motivation that hackers have when targeting health organizations is that they know that hospitals will pay the money they demand to restore operations since they want to help many people who have been affected by COVID-19.
He et al. (2021) highlight that the COVID-19 pandemic has tested the resilience of health organizations’ information systems. Malware, ransomware, and phishing attacks targeting hospitals have been on the rise as crybercriminals look for ways to make more money (He, Aliyu, Evans, & Luo, 2021). Bernardi Pranggono and Abdullahi Arabo added that the Advanced Persistent Threat (APT) and cyber-attackers are taking advantage of the coronavirus pandemic to target vulnerable hospitals’ computer networks (Pranggono & Arabo, 2021). Cybercriminals understand that health organizations have mobilized their resources to eliminate COVID-19 and that many hospitals do not update their systems regularly.
Cybercriminals know that patients' data is precious on the black market. If breached hospitals fail to pay a lump sum for service restoration, the information can be sold and used for fraudulent activities. Joel Chigada and Rujeko Madzinga depict that cyber-attacks targeting health organizations have increased in the past two years since hackers have realized the potential profit gains (Chigada & Madzinga, 2021). Similarly, Karpenko et al. (2021) show that the most significant motivation of cyber-breaches is money. Cybercriminals make money by defrauding people and organizations (Karpenko, Kuczabski, & Havryliak, 2021). As a result, when they penetrate hospital computer systems, they demand exorbitant prices to restore operations. In other words, these criminals do not devote the time they spend trying to penetrate computer networks for nothing, and that is why they demand a lump sum.
The COVID-19 pandemic has presented health organizations as promising targets for cybercriminals. Johannes Klick, Robert Koch, and Thomas Brandstetter say that different cyber gangs, such as DoppelPaymer and Maze groups, have capitalized on ransomware attacks, which skyrocketed the USA-based hospitals in October 2020 (Klick, Koch, & Brandstetter, 2021). When hackers infect their victims' computer networks with malware, they encrypt the data. As such, individuals and health organizations affected cannot access the information without a decryption key (Georgescu, 2021). That is the point where cybercriminals ask for money from hospitals so that they can give them the decryption key. Based on Raghad Khweiled, Mahmoud Jazzar, and Derar Eleyan, the common types of cybercrimes include phishing, ransomware, the spread of misinformation, distributed denial of service, and sunburst Trojans (Khweiled, Jazzar, & Eleyan, 2021). Figure 2 below shows the percentages of top industries in the USA targeted by cybercriminals using ransomware attacks.
Figure 2: Top Sectors in the USA Targeted by Cyber-Attackers Using Ransomware in 2020.
As portrayed above, healthcare is the second most hit sector by ransomware attacks after the government agencies. In some cases, cybercriminals target vaccine data and other relevant information that can be sold to competitors in the medical industry. Ramadan et al. (2021) argue that the COVID-19 pandemic has caused an increase in work-from-home programs, ransomware attacks, unsecured hospital networks, the use of personal devices at the workplace, social engineering attempts, phishing, and denial of service attacks (Ramadan et al., 2021). For instance, people have been warned to be careful when responding to emails or messages on social network platforms asking about coronavirus since the motive of senders, if not credible, remains unknown.
Since the onset of the COVID-19 pandemic, numerous researches have been done that show how cyber-attacks targeting hospitals have increased. The majority of these studies reveal how health organizations have been hit hard. Others portray that federal agencies have cautioned hospitals to remain vigilant when safeguarding public health information. However, no research has entirely focused on the motive behind the rapidly increasing cyber-breaches during this period of the COVID-19 pandemic. In that light, the primary ai...