Eugene Kaspersky: cyberattacks on hospitals during COVID-19 pandemic akin to terror attacks
April 2020 by Kaspersky
• Kaspersky identifies medical institutions as most vulnerable targets during the coronavirus outbreak
• Company’s cybersecurity experts believe the transition to working from home will have little impact on the cybercriminals’ ability to carry out attacks
• Social tracking applications should be implemented cautiously for the specific purpose of saving lives
• Businesses are urged to plan ahead and recognise new ways of working Kaspersky Founder and CEO Eugene Kaspersky believes cyberattacks on hospitals during the COVID-19 pandemic are on par with terrorist incidents. As healthcare professionals around the world endeavour to protect humanity from the ongoing coronavirus crisis, malefactors are targeting potentially vulnerable medical institutions to carry out their dangerous activity.
In an online press conference on Wednesday, April 22, Eugene Kaspersky was joined by Costin Raiu, Kaspersky’s Director of Global Research and Analysis Team, and Yury Namestnikov, the company’s Head of Global Research and Analysis Team for Russia, to discuss the cybersecurity implications of the COVID-19 outbreak. Eugene Kaspersky told delegates that, despite the current social distancing measures that have been put in place around the world, there will be very little impact on the cybersecurity landscape.
He said: “Cybercriminals are very likely to stay active. They are used to working from home and their circumstances have not changed drastically. They will keep trying to attack businesses and individuals and it is our job to keeping working hard and defend our customers. Any attack made on a hospital at this time can be seen as equivalent to a terrorist attack.”
Costin Raiu would like to see any malicious individuals or groups that carry out attacks on healthcare organisations heavily reprimanded and added: “The message must be clear to cybercriminals that anybody targeting medical institutions will be hunted down by LEAs and cybersecurity companies like ourselves to make sure they are brought to justice.”
The company has already taken significant steps to support healthcare organizations at this difficult time, with its range of corporate security products available to the sector free for six months. Costin Raiu believes that while pressure may be on medical institutions to keep their systems secure, the current circumstances have made this a greater challenge than usual.
He said: “People in hospitals are understandably having to concentrate on looking after their patients and saving lives. They are not necessarily worried about updating their systems. They may also be managing and prioritising resources differently and if they need to choose between investing in cybersecurity solutions or buying medical equipment, there is only one clear choice.”
Regarding the general threat landscape, the last few months have seen a rise in both opportunistic and targeted attacks, with spear phishing campaigns in particular causing challenges as they target users with fake coronavirus-related advice. Yury Namestnikov added: “We are seeing a spread in COVID-19 messaging to trick people into opening malicious links or attachments and downloading malware. We saw 43% growth in this sort of attack between January and March 2020.”
Staying on track
Since the COVID-19 outbreak, social tracking applications have been developed to inform civilians if they have recently been in contact with somebody who has contracted the virus. While these applications are being created to benefit humanity, there are some reservations and concerns about how such technology could impact personal privacy. Yury Namestnikov said: “This technology should be implemented if it can save lives. But managing such large amounts of data must be done correctly and properly secured and encrypted to keep information safe. If done so correctly and transparently, authorities can check which organisations have collected and used this data.”
Costin Raiu hopes that any apps that are released are only needed as temporary measures and businesses do not see them as an opportunity to monetise personal data. He added: “We face an impossible choice. Mobile tracking is used to tell others about who they have been in contact with and the best way to keep yourself safe is to stay at home. We must put this technology behind us when we go back to normality and hope it is not a permanent part of society.”
Kaspersky remains committed to supporting its customers during the current crisis and has adapted well since transitioning its workforce to working from home. While the current period does have its challenges, there are also opportunities to be had in the future. Eugene Kaspersky believes businesses will be able to connect with more people than ever before when a resemblance of normality returns to everyday life.
He said: “One day, this will all be over, and everyone will want to see each other again in person. Quite often, face-to-face connections are the best way for people to interact and I enjoy seeing so many people in my working life. But we can also take advantage of the technology we are benefitting from now. For instance, this year we have postponed our Security Analyst Summit but this year we can run two ‘versions’ of the same conference - a physical one and an online one. Businesses can plan now for when we go back to normal and build stronger customer relationships.”