What's next for cybersecurity in 2021? Ransomware-as-a-service, DDoS and more
This year saw unprecedented changes in the cybersecurity landscape, with rapid telehealth rollouts and massive shifts to at-home work highlighting new vulnerabilities.
In 2021, experts predicted at the HIMSS Healthcare Security Forum this week, bad actors will likely use tried-and-true techniques to keep exploiting novel gaps in organizations' defenses.
"There's a reason why many of the old types of attack still work," said Denise Anderson, president of the Health Information Sharing and Analysis Center.
During a Monday panel session with Tom Leary, senior vice president of government relations at HIMSS (parent company of Healthcare IT News), Anderson said it will be important to continue best practices to guard against breaches in the new year.
At the start of the COVID-19 pandemic in the United States, as workplaces dramatically changed their practices, Anderson said, "we saw a lot of incidents literally overnight."
"The threat actors … were very active the minute [COVID-19] started happening," Anderson continued.
Phishing and ransomware were huge issues in 2020, Anderson said, particularly when it came to crafted messaging around COVID-19 – and she expected that to continue next year, with criminals using timely "lures" around the inauguration of President-elect Joe Biden or the coronavirus vaccine to tempt individuals into clicking on suspicious links.
"If you're not paying attention and you're not situationally aware of what's going on, you could easily fall for something you shouldn't," she said.
Ransomware, in general, has become an enduring threat in the healthcare landscape, with multiple organizations suffering high-profile attacks in recent weeks.
"Ransomware-as-a-service is out there in the criminal underworld, and they're changing the ways they do ransomware," she said. Anderson predicted that cybercriminals won't just encrypt data: they'll also threaten to release data, especially sensitive information, into the public sphere, or to launch distributed denial-of-service attacks against a network.
"Obviously, threat actors are continuously going to evolve," she said.
Business-email compromise will also still be an issue, she said, even at large companies: "They've gotten so slick in the way that they've been able to lure people into their malicious activity."
Anderson also noted the danger posed to patients of a blended threat, such as when companies are dealing with a ransomware incident while also trying to respond to disasters such as fires, hurricanes – or a pandemic.
"Those are something that we always need to be very mindful of, is the relationship between the physical and the cyber, and how they can impact an operation."
To protect themselves in the new year, organizations should continue to implement best practices with cyber hygiene: whitelisting apps, segmenting the network, patching and understanding any danger posed by third-party services that might not be adhering to robust security protocols.
"Education is huge," Anderson said: making sure employees are aware of the threats and their implications.
Ultimately, Anderson said, "cyber has become, and has to be, a patient safety issue."