The global pandemic has dramatically raised the profile of healthcare and life science companies. But at the same time, it has also highlighted the apparent cybersecurity vulnerabilities and constant threat these organisations find themselves under.
Disrupting the supply chain
Modern pharmaceutical manufacturing techniques operate on a global basis. Raw materials may be produced in one country, while the medicines themselves are made in another. And as is the case with the Pfizer vaccine, drugs need to be transported quickly between locations at a very low temperature to maintain efficacy.
As supply of crucial vaccines remains constrained, intelligence agencies have reported the emergence of “vaccine nationalism”. They suggest that national governments are employing cyberwarfare techniques to disrupt the global supply chain.
Why? It may be that some governments are simply trying to ensure that they are able to source the vaccines their citizens need. Others may be trying to disrupt and discredit treatments to undermine global confidence and boost sales of their own. This includes the spread of misinformation across social media and news outlets to mislead the general public about vaccine efficacy and the dangers of COVID-19 infection.
Ransomware is still the biggest threat
Despite these concerns, basic greed remains the biggest threat to healthcare providers globally. Cybercriminals have been targeting hospitals and care providers with ransomware, hoping to extract large payments in return for clearing up the infections.
The US appears to be a prime target for these attacks. One report suggests six American hospitals in a single day – and each was ransomed for at least $1m. Many patients had life-saving treatment delayed or cancelled because of the disruption.
In the UK, lessons have been learned since the infamous 2017 Wannacry rasomware attack that crippled some NHS trusts for several days. NHSx, the body responsible for determining NHS IT strategy, is confident that anti-ransomware defences are much stronger now. They also suggest that hackers are less interested in targeting UK healthcare providers because they are believed to be “less rich” – and therefore less able to pay a large ransom.
An ongoing battle
In order to better coordinate their pandemic response, healthcare providers have been rapidly upgrading and linking their various IT systems. Digitising their processes allows medical professionals to better understand the progress of the virus and how best to treat infected payments.
At the same time, increased digitisation provides more opportunities for hackers because they have a greater choice of systems to attack. This means that healthcare providers are involved in a constant battle, trying to update and secure their platforms before criminals can break in.
The good news is that the healthcare industry is learning from the mistakes of the past. Most have robust security systems in place to keep hackers out – now they need to address the ransomware issue and find ways to prevent future infections.