Knowledge Articles

Phishing expeditions on the rise to exploit fears surrounding COVID-19 crisis

The healthcare sector is the target of increasing phishing attacks amid COVID19 pandemic.

Considering that the health sector is already a prime target for cyberattacks, the coronavirus pandemic has added another layer of risk to the already heavily burdened sector. In an attempt to mitigate the health crisis, hospital employees have been forced to focus on their primary roles and this has left them vulnerable to phishing emails (ENISA, 2020). In these emails, hackers and cybercriminals pose as legitimate government and health organisations as well as banks or financial institutions. Due to technological developments, is has become easier to work from home, to join meetings and conferences remotely, to stay in touch with friends and family, and to entertain one’s self. However, these technologies bring along their own issues of cybersecurity and privacy (Khan, et al, 2020).

They claim to have information and updates about the pandemic (in relation to the services they provide). These malware actors often exploit hospitals’ demand for Personal Protective Equipment (PPE), increased dependence on inexperienced teleworkers and growing fears and uncertainty concerning the virus (ENISA, 2020). The email messages often request the targets to open email attachments or embedded links which, when opened, download harmful software onto their device (Okuda & Barnett, 2020). The rise of these attacks has been significant, causing many organisations such as the World Health Organization, to post a notice on their website (see figure 1 below):

Image 1: Notice on the WHO official website about phishing and scams surrounding COVID-19. Retrieved from https://www.who.int/about/communications/cyber-security
Image 1: Notice on the WHO official website about phishing and scams surrounding COVID-19. Retrieved from https://www.who.int/about/communications/cyber-security

Different types of malware can be harmful in a number of ways. For example, ransomware can be used by hackers to access and hold an individual’s or an organisation’s data for ransom (Okuda & Barnett, 2020). Hackers can use spyware to gain control over your device allowing them to log keystrokes which enables them to record confidential data like passwords (Regan, 2019). Threat actors use phishing emails to deceive individuals into downloading malware.

These cyberattacks impair healthcare organisations ability to provide essential care to their patients and in doing so put many people’s lives at risk (CyberPeace Institute, 2020). In order to reduce the risk of falling prey to phishing, healthcare organisations must make employees aware of these security risks and train them to pay attention to the following characteristics that may indicate the message is a scam or phishing attempt:

  • The message demands immediate action or evokes an emotional response;
  • The message requests personal information such as login information or banking details;
  • The message tries to convince the reader to download attachments;
  • The message contains spelling and grammatical errors;
  • The message signature contains mistakes in title, department name, and others;
  • The message contains shortened hyperlinks to websites, or when ‘hovering’ over a link with the mouse pointer, an overly long hyperlink is revealed.

In addition to training staff and raising awareness, ENISA (2020) encourages healthcare organisations to put contingency plans in place, to minimise damage in the case of a system breach. Early academic research indicates that cybercriminals are capable and are increasingly effective in their methods by adopting situational factors (such as the pandemic) into their scams (Naidoo, 2020). Merely training staff members will therefore be insufficient to combat future cybersecurity challenges. In these plans, ENISA suggests that backup and continuity procedures should be established, and emergency responses be coordinated and aligned with medical device manufacturers (ENISA, 2020). Like in healthcare itself, emphasis is placed on prevention being better than cure.

Author

Tessa Oomen

Erasmus Universiteit Rotterdam, Netherlands

References

ENISA (2020, May 11). Cybersecurity in the healthcare sector during COVID-19 pandemic. Available from: https://www.enisa.europa.eu/news/enisa-news/cybersecurity-in-the-healthcare-sector-during-covid-19-pandemic

CyberPeace Institute (2020, May 26). CyberPeace Institute – Call for Government. Available from: https://cyberpeaceinstitute.org/campaign/call-for-government

Khan, N.A., Brohi, S.N. & Zaman, N. (2020). Ten Deadly Cyber Security Threats Amid COVID-19 Pandemic. Available from: https://www.techrxiv.org/articles/Ten_Deadly_Cyber_Security_Threats_Amid_COVID-19_Pandemic/12278792

Naidoo, R. (2020). A multi-level influence model of COVID-19 themed cybercrime, European Journal of Information Systems, DOI: 10.1080/0960085X.2020.1771222

Okuda, S., & Barnett, D. (2020, March 26). Phishing in the Time of COVID-19: How to Recognize Malicious Coronavirus phishing scams. Available from: https://www.eff.org/deeplinks/2020/03/phishing-time-covid-19-how-recognize-malicious-coronavirus-phishing-scams

Olcott, J. (2020, March 16). Coronavirus phishing scams: Could hackers target healthcare next? Available from: https://www.verdict.co.uk/coronavirus-phishing-scame-healthcare/

Regan, J. (2019, July 11). What is Malware? How Malware Works & How to Remove It. Available from: https://www.avg.com/en/signal/what-is-malware

Yar, L. (2020, March 19). Phishing emails, trojans and spam in the age of the coronavirus. Available from:  https://www.euractiv.com/section/digital/news/phishing-emails-trojans-and-spam-in-the-age-of-the-coronavirus/

Zamost, S. (2020, March 24). Coronavirus fraudsters prey on fear and confusion with fake products, email scams. Available at: https://www.cnbc.com/2020/03/23/coronavirus-fraudsters-prey-on-fear-with-fake-products-email-scams.html

Links

SecureHospitals.eu Massive Open Online Course on cybersecurity in healthcare: https://www.securehospitals.eu/all-courses/securehospitals/

SecureHospitals.eu Training repository: https://www.securehospitals.eu/training/

SecureHospitals.eu Knowledge repository: https://www.securehospitals.eu/knowledge/

ENISA guidelines: https://www.enisa.europa.eu/news/enisa-news/understanding-and-dealing-with-phishing-during-the-covid-19-pandemic

EUROPOL guidelines and help: https://www.europol.europa.eu/covid-19/covid-19-fraud and https://www.europol.europa.eu/covid-19/covid-19-phishing-and-smishing-scams

European Cyber Security Organisation – Response pack: https://www.linkedin.com/posts/ecso-cyber-security_cybersecurity-response-package-activity-6677161893876039680-n_4L

Keywords

COVID-19, Coronavirus, Phishing, Scam, Cybersecurity, Cyberattack.