Disclaimer: This blog article was written by an AdvancedMD partner. The views and opinions expressed in this article are those of the author(s) and do not necessarily reflect the official policy or position of AdvancedMD.
Interpol recently published an article on COVID-19 cyberthreats that discusses the increased risk of cyberattacks during, and perhaps as a result of, the pandemic. By understanding the threats, medical practices have a better chance of avoiding damaging cyberattacks. These threats include:
- Malicious domains
In the latest wave of criminal cyberactivity, hackers are taking advantage of users’ need for information by registering domains with “COVID-19” in the name. This type of attack is hard to distinguish since there are many legitimate COVID-19 domains that provide valuable information. Surfing an illegitimate site may result in malware such as ransomware being installed on your computer. If the site outwardly encourages visitors to bookmark, return, and/or recommend the site to others, you should be wary of the source.
Another tack cybercriminals take is asking if you’d like to receive news and updates. By providing contact information, you’re allowing them to send spam that may contain malicious attachments. Too often, users end up opening an email with an important or critical news alert from this “trusted” source, only to discover later that their device has been infected with malware.
The site may even ask you to create an account with name, contact information, username, and password. The risk here is that people often use the same username and password for multiple accounts. Once the hackers have a username and password, they can attempt logging into users’ email, online banking, and other internet services. With email access alone, they can send messages to any and all contacts with a link to the malicious site, recommending account registration. Clearly, this has the potential to spread malware and viruses exponentially. And we all know the probable consequences of bank account access.
Fortunately, there are ways to combat these threats.
First, you can set up your office with an “allowed list” of domains using the hardware firewall that comes with your router. When using an allowed list, people inside your organization can ONLY visit those domains added to the list. If the domain is not on your list, people in your office simply cannot access the website. This option may take time to set up and manage, but it is typically highly effective.
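The allowed-list rule described above, sketched as an added example that is not part of the original article: a default-deny check that compares whole domain labels, shown next to a substring check to illustrate why lookalike hosts slip past a careless rule. The domain list, sample URLs, and function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowed list; a real office would list the sites it actually needs.
ALLOWED_DOMAINS = {"cdc.gov", "who.int"}

# Constructed sample URLs (lookalikes use reserved example domains).
SAMPLE_URLS = [
    "https://www.cdc.gov/coronavirus",
    "https://WWW.CDC.GOV./coronavirus",        # case and trailing dot
    "https://cdc.gov.example.net/covid-19",    # allowed name used as a subdomain
    "https://cdc.gov@covid19-info.example/",   # allowed name in the userinfo part
    "http://notcdc.gov/",                      # shares an ending, not a label
    "ftp://cdc.gov/file",                      # scheme outside http/https
]

def naive_is_allowed(url, allowed=ALLOWED_DOMAINS):
    """Flawed check kept for contrast: substring matching accepts lookalikes."""
    return any(domain in url for domain in allowed)

def is_allowed(url, allowed=ALLOWED_DOMAINS):
    """Default deny: permit only http(s) URLs whose host is an allowed
    domain or a subdomain of one, compared label by label."""
    try:
        parts = urlsplit(url)
    except ValueError:          # malformed URL: deny
        return False
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return False
    labels = parts.hostname.rstrip(".").lower().split(".")
    # Test every suffix made of whole labels: www.cdc.gov -> cdc.gov -> gov
    return any(".".join(labels[i:]) in allowed for i in range(len(labels)))

def blocked(urls):
    """Return the URLs the label-based check refuses."""
    return [u for u in urls if not is_allowed(u)]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(f"{u:45} naive={naive_is_allowed(u)!s:5} strict={is_allowed(u)}")
```
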
You could also install an anti-malware service that integrates with your web browsers and provides a warning when somebody attempts to visit a known malicious domain. The effectiveness of this approach depends on the service and the domains it qualifies as malicious. Though this option can be easier to manage than the hardware firewall, it may be less secure.
A third option is integrating anti-malware with your email solution so it detects malicious attachments and removes them before a network user is able to open them. When employing this method, it’s essential to ensure anti-malware software is up-to-date and set to run regular system scans for any signs of malware.
Of all these methods, the best thing you can do is make sure all staff members are aware of these cyberthreat tactics, especially bringing attention to suspicious COVID-19 websites. Let your staff know that, in this day and age, it’s not safe to simply surf the web looking for information. More than ever, it’s safest and wisest to only visit known and trusted websites. It helps to point out that trusted websites typically belong to academic institutions, whose domains end in .edu, and government information sites, whose domains end in .gov.
You should also make sure system backups are done regularly and that the backups are stored offsite. A backup that stays attached to your network may put your storage devices at risk, allowing them to get infected during the process.
Unfortunately, cyberhackers are always looking for new opportunities to infect computers in hopes of accessing, stealing, or holding personal data for ransom. It’s up to us to remain vigilant, build our defenses, and protect the integrity and privacy of all our data.
For more information on cybersecurity and protecting your office network, please contact Dr. Michael Brody at TLD Systems.
(631) 403 6687.