In a recent statement by the NCSC, they have highlighted the threat to international healthcare sectors, in light of a 30% increase in the last month alone from targeting by APT Groups.
In light of COVID-19, healthcare organisations both nationally and internationally have found themselves the key focus of cyber-attacks from APT Groups. These attacks are not limited to local governmental bodies, but also medical research bodies, pharmaceutical companies and healthcare bodies.
Some of the most recent incidents include increased phishing website hacking attempts on the World Health Organisations (WHO) and some of its partners. The US Department of Health and Human Services has also felt the consequences of a DDoS (Distributed Denial of Service) attack, intended to disrupt the organisation’s pandemic response.
According to the NCSC, the typical tactics APT actors are using focus around ‘password spraying’ techniques, and they have issued advice to healthcare corporations to ensure employees are using 2-factor authorisations and changing any passwords that are reasonable to guess.
Healthcare organisations have frequently found themselves prey to APT actors whose intent is to gain bulk personal information, intellectual property, and intelligence that aligns national priorities. Naturally, the nature of this information is particularly valuable and sensitive, therefore it is imperative for organisations within the sector to ensure their networks and systems are secure, and on the defensive, when it comes to potential breaches.
Historically, some security analysts have commented that the cyber defence of health sector organisations has been bad, given the nature of data held and processed everyday within them.
With more and more cybercriminals now exploiting the cyber weaknesses of these organisations, it’s imperative that a strong cyber resilience strategy is in place. At Serbus, we’ve recently assisted a pharmaceuticals company to safeguard against such threats, with a defence system in place so as to remain on the front foot against any potential breach.
If you would like to know more about our Serbus Secure suite of tools, and how we can help protect your organisation, please get in touch on firstname.lastname@example.org, or call our office on +44 (0)1432 870 879