Electronic Health Reporter

By Josh Horwitz, COO, Enzoic.

Healthcare employees are on the frontlines of the coronavirus pandemic, in many cases working extended hours under extremely taxing circumstances in an effort to treat the growing number of infected patients. In this environment, it’s critical that everyone is cognizant of an unfortunate reality of our times: hackers are always looking for ways to capitalize on a crisis.

As Forbes’ Thomas Brewster put it, the last few weeks have seen “…an avalanche of digital threats piggybacking on the coronavirus pandemic,” and these are only likely to increase as the international community continues to grapple with the virus. With scams ranging the gamut from a coronavirus tracker that installs malware onto visitors’ devices to takeover of teleconferencing software to fraudulent company discounts or services related to the coronavirus, there is no shortage of ways bad actors are seeking to exploit consumers’ fear and confusion.

As such, it’s important that hospitals and healthcare institutions help employees safeguard their data and ensure they are cognizant of the increased security threats associated with the pandemic. Following are a few tips to consider:

• A rise in phishing scams. As mentioned above, many hackers are employing phishing scams to pose as companies offering a legitimate coronavirus-related service in an attempt to trick recipients into sharing credit card information or other personal data. The good news is that there are some common characteristics associated with phishing attacks that people can use to vet these communications. For example, encourage employees to check for grammar, punctuation and formatting errors as these are often phishing red flags. It’s also important to review links before actually clicking on them and look for things that appear odd such as dashes, extra characters, or additional letters and numbers. Another good practice is to check the email address itself to see if it contains multiple numbers or letters. Finally, encourage employees to always reach out to the company in question to determine the authenticity of an offer before clicking on any links if they harbor doubts.
• Increased online shopping: With more shopping taking place online, particularly for healthcare employees working long hours, the importance of strong, unique passwords is more critical than ever. It’s extremely common for people to create simple passwords that they share across multiple accounts. However, if those credentials have been leaked in a previous breach, hackers can easily use them to access these accounts and all the data they contain. Healthcare institutions must stress the significant vulnerability of this poor password practice, and encourage employees to review existing passwords and ensure any new accounts they create are protected by strong, unique credentials. Password manager solutions can be extremely helpful, particularly for people who are setting up numerous new online accounts in response to “Stay Home” orders.
• An uptick in connectivity: With people working from home or participating in remote learning programs, many families are experiencing an increase in internet connectivity. This undoubtedly puts a strain on bandwidth, but it also introduces some security vulnerabilities. For example, what if a child accidentally downloads malware on the home network? And are connected devices like voice assistants or smart TVs protected by unique passwords, or do they still have the default factory settings? It’s important that employees are aware of the threats that can arise with greater connectivity and ensure they take steps to address them. It’s also essential that hospitals insist employees use their VPN whenever accessing work-related systems or data from home to keep this information protected.

In addition to the considerations outlined above, it’s also important that healthcare employees keep an eye on the evolving cybersecurity landscape as it relates to the pandemic. It’s likely that hackers will continue to find new ways to exploit the situation for their own nefarious purposes. As employees work diligently to combat coronavirus, it’s essential that hospitals remind them to keep their personal information safe.