In April and May, the country fearfully watched COVID-19 cases spike in the Northeast, especially in New York, and hoped that the surge would be contained and not spread to other states. Unfortunately, that hasn’t proven to be the case. Every day, we wake to more headlines of cases rising across other states and hospitals reaching maximum capacity in their ICUs. And with this surge of patients comes a related surge of medical devices being added to the hospital network to meet patient needs. It is not only the doctors and nurses being overwhelmed, but the IT teams at these affected hospitals. When new devices are added to the network, they can open up a backdoor for cybercriminals lurking in the wings and in the process, leave IT to scramble to keep every device – and every patient connected to them – protected.
The reason for the rush is simple. Since the pandemic started earlier this year, there has been a demonstrable spike in the number of healthcare cyberattacks. We’ve heard from a Justice Department official that healthcare researchers and the industry are being targeted for valuable research information. Other research by Bitdefender finds that ransomware attacks spiked in February, March, and April and that hospitals experienced a 60 percent increase in cyberattacks in March over February. All of this research points to the clear fact: cybercriminals are aiming to take advantage of the uncertainty and high stress environments caused by COVID-19, and specifically, looking to exploit the healthcare institutions who are so desperately focused on patient care.