Life Sciences Industry Becomes Latest Arena in Hackers’ Digital Warfare
A global pandemic has left life sciences companies with giant targets on their backs for cyberattacks.
As of December, at least six pharmaceutical companies in the U.S., U.K. and South Korea working on COVID-19 treatments were targeted by North Korean hackers, according to the Wall Street Journal. The hackers were out for sensitive information to sell or weaponize.
Many hospitals running COVID-19 antibody trials have seen at least triple the attempts to access servers compared to previous years. Intelligence agencies have warned health care systems repeatedly about vaccine-related research thefts by nation-state-backed hackers.
In a report, the U.K. government identified life sciences as the main target of intellectual property theft after analyzing 26 different industries. Medical records are now ten times more valuable to hackers than credit card details.
Being a smaller company doesn’t exempt you from the trend. A majority of targeted cyber-attacks are on small and medium-sized businesses. BioSpace has the scoop on keeping your company safe from Ben Hall, a cybersecurity expert.
“One of the reasons why health care is one of those easier targets is typically because they don’t necessarily have a formal IT staff that is dedicated towards security. They are often more operational in nature. Security is a part of their process but not necessarily the focal point,” Hall said. “It opens up that opportunity for criminals to come in and spread whatever malicious intent they’re able to implement.”
Hall recommends all organizations have some type of formal risk assessment done annually, either internally or externally. For those without a dedicated IT security team, cybersecurity companies can help seek out every weakness or potential opportunity for hackers to get in, then work with the company to mitigate those risks.
These security evaluations should be done not only on the network’s security, but also on a user level. Ongoing staff training is essential. Even something as simple as clear instructions on what to do when a work badge is lost is important.
Hall recommends employees use a robust password that isn’t easily guessed. And no, that sticky note with your log in info taped to the bottom of your keyboard is NOT secure. His personal favorite is to use a phrase from whatever song you’re currently listening to. A sixteen-character password rolls off the keyboard a bit better when lyrical.
He also suggests the use of password vaults like Last Pass or One Pass or a vault offered by your organization to keep passwords secure. Then it’s only one username and password to remember.
Phishing is an extremely common way to attempt to gain access to an organization. Although many of us have come to recognize the attempts, all it takes is one single employee clicking the phishing link or opening the file to expose the company’s network. It still works, so it’s still being utilized regularly.
Using a security incidence event management tool, SIEM, to create a log of firewall traffic and identify potential anomalies can help companies defend themselves. XDR, Extended Detection and Response takes that a step further to look for potential exploits, block them, break them down and add those signatures to the network to further protect.
The COVID-19 pandemic has presented many companies with a new risk opportunity – a major influx of work from home staff.
“It starts at the policy level. When you’re allowing your staff to work remote what’s your process to one, keep them informed and trained and two, how are they going to be able to access the information they need to,” Hall said. “Organizations need to create a VPN, a virtual private network that has an encrypted channel between that remote worker and back into the organization.”
With the VPN, companies should have some sort of multifactor authentication (MFA) in place. This creates that additional layer of security beyond just a username and password. It can be through a third-party application like Do Well, or even Microsoft has its own offering. That additional layer can be through a token, a pin, a phone call, etc. Then, even if a user’s password shows up on a compromised list, the MFA can block attempts to access the company’s network.
Hall also encourages employees to review how they have their personal network setup at home. If you have your Wi-Fi wide open, broadcasting into the neighborhood, it needs locked down.
Never keep the username and password assigned by your service provider, usually found on the bottom of your router. These are standard for providers and can easily be found by hackers. Use your own strong password instead.
You can also increase your internet security by keeping your Wi-Fi hidden. Simply go into “Broadcast Option” in your configuration settings and uncheck. Then to the common user, your Wi-Fi is not visible. “Security by obscurity,” according to Hall.
Lastly, Hall encourages the use of only corporately issued devices, not using the family computer to access the company network. This ensures the appropriate system settings and updates being pushed out by the company are in place. Keeping updated on security patches is essential.
As tech expert Art Wittmann said, “As we’ve come to realize, the idea that security starts and ends with the purchase of a prepackaged firewall is simply misguided.”
If you don’t have in-house security experts, hire a third party to come in and help build the security you need to protect your company. It takes years to build up a company’s reputation. A hacker could tear it down in a matter of minutes. Information is highly valuable. Be sure you’re protecting yours!