How strong are your passwords? This is the question that security agencies in both the US and the UK are asking health care professionals. That’s because they’ve identified a dramatic rise in the number of attacks targeting these workers and their institutions.
CISA, the cybersecurity arm of the US Department of Homeland Security, has issued a joint alert in conjunction with the United Kingdom’s National Cyber Security Centre (NCSC). According to them, advanced persistent threat (APT) groups are seeking to steal from organizations responding to COVID-19.
This victim group in US and the UK includes healthcare bodies, medical research organizations, pharmaceutical companies, and local even governments and universities.
Why this industry? The pandemic has piqued the interest of APT actors thanks to the potential to obtain secret intelligence or research related to COVID-19. This could be used to further national priorities. Also vulnerable to attack is the bulk personal information of millions of people and the intellectual property of institutions looking for treatments, cures, and vaccines for the virus. Companies developing and distributing vaccines are targets for these attacks because demand for such an item would be astronomical, so it’s no wonder APTs are swarming.
An advanced persistent threat or APT is a group that attempts to gain undetected access to a computer network for a long period of time. Their attacks seek to distribute malicious code to computers across a network in order to perform specific, long-term tasks. Motivations for APT groups are usually political or economic, and they are often operated or sponsored by nations.
The main tool APT actors are using in this endeavor is called password spraying. This type of attack tries to gain access to accounts by trying commonly used passwords. Rather than attempting to brute force their way into a single account which may lock them out after several failed tries, password spraying tries the same few passwords across many accounts. This way, attackers are largely able to avoid detection because they don’t get locked out after too many failed attempts.
These attacks work because people often use weak, easy-to-guess passwords. The NCSC says that common passwords include names (like Ashley, Michael, or Daniel), soccer teams, musicians, and fictional characters. “123456,” “password,” and “qwerty” also made the list with millions of accounts using them.
While both CISA and the NCSC are doing what they can to protect the stressed healthcare industries in their countries, they need the companies and workers themselves to take steps to stop APTs.
The report offers some ways that they can do this. It all starts by using strong, hard-to-guess passwords as well as enabling multi-factor authentication. They also recommend utilizing virtual private networks (VPNs), remote access tools which automatically install the latest patches and updates, and monitoring software to identify when network intrusions are occurring.
Creating an in-depth security plan that works for your healthcare organization can be difficult and time-consuming, but it doesn’t have to be. Rather than fending for yourself, asking for help can be a truly heroic move. As you’ve seen, these threats are on the rise. The time to act is now. Reach out to a trusted managed service provider like us and see how we’re more than your IT department. Contact us here or by phone at (508) 453-4700.