The World is Getting Sick of Cyberattacks

With the brutal pandemic approaching its second year, humankind needs everything to go right with the development and deployment of a vaccine to help us limit the catastrophic damage COVID-19 has inflicted on our collective lives. The last thing that the world needs is cybercriminals derailing these efforts with their relentless pursuit of monetizing attacks on healthcare targets. However, if attackers are set on delaying our pursuit of life-saving treatments to enrich themselves, make no mistake: that is precisely what they are willing to do.

Here is just a sampling of the sinister stories that have been recently reported:

• Criminals masqueraded as recruiters on WhatsApp and LinkedIn, sending spear-phishing emails to employees of vaccine developer AstraZeneca. The emails arrived in the guise of job offers and were laden with malicious attachments that provided access to the target's computer.
• A cyber-attack on European Medicines Agency (EMA) led to a leak of illicitly accessed information related to COVID-19 medicines and vaccines belonging to third parties.
• Widespread attacks have been directed at the vaccine supply chain, looking to take advantage of everything from trucking, rail, cold storage providers, and manufacturers of dry ice and solar panels that power vaccine storage trailers.

The reasons for these attacks typically have one predominant motive: financial gain. Criminals are acutely aware that there is an unprecedented urgency to administer millions of vaccine doses. If a company is struck by a cyberattack, it may be all too willing to dispense with methodical recovery procedures (e.g., restoration from backups), and instead pay a sizable ransom to the criminals so that it can, in theory, quickly reverse the attack. Knowing this is the likely outcome, cyber assaults on the healthcare sector continue to surge in both frequency and sophistication, disrupting our race to stem the tide of the pandemic.

So, what is the best medicine for preventing cyberattacks? Citrin Cooperman offers a wide array of cybersecurity services to help your business fortify its defenses against attacks, including:

• Cybersecurity Assessments
  
  • If you don’t know what data you have or how well it is being defended, it is difficult to protect your business. Citrin Cooperman provides an array of cybersecurity assessments to help businesses identify and protect the most critical systems and data, recognize and prioritize gaps, and build a roadmap to a safer and more secure environment.
• Security Awareness Training and Spear-Phishing Simulations
  • Since the genesis of over 90% of data breaches is a spear-phishing attack, it is imperative to train employees to identify and avoid this threat. Citrin Cooperman can provide your business with the training and simulations needed to avoid the scourge of spear-phishing.
• Penetration Testing
  
  • A misconfigured network device can open the door for cyber criminals to enter your business. Citrin Cooperman’s vulnerability management team can act as a “simulated bad guy” and conduct internal and external penetration testing to identify and address any vulnerabilities.

To help maintain healthy cybersecurity, consider setting up a meeting to discuss how Citrin Cooperman can help protect your business. To get started, please reach out to Kevin Ricci at kricci@citrincooperman.com.