Analysis | The Cybersecurity 202: Security pros form alliance to help hospitals facing hacking threats during pandemic
By Joseph Marks
Cybersecurity companies and professionals are banding together to offer free digital defenses to hospitals that are being pummeled with digital attacks during the coronavirus pandemic.
The group, which calls itself the Cyber Alliance to Defend our Healthcare, struck deals with 87 hospitals and four national health-care services in Europe over the past month. Organizers hope to make similar arrangements with numerous U.S. hospitals this month, they told me.
The effort could be a lifeline as criminals take advantage of coronavirus to lock hospital employees out of their computer systems in exchange for ransoms. They're especially dire – and lucrative – during the pandemic since hospitals can’t afford to be booted out of their systems for any length of time.
“This becomes a matter of life and death because hospitals have their IT systems locked down, sometimes medical devices, too, and can’t function,” André Pienaar, founder of C5 Capital, a cybersecurity-focused investment firm that launched the alliance, told me.
A nurse wears a protective suit, mask, goggles and gloves as he work on a computer inside an intensive care unit for covid-19 patients. (Omar Marques/Getty Images)
The alliance also plans to offer cybersecurity help to labs working on coronavirus treatments and vaccines.That’s partly to prevent their work being slowed by disruptive attacks and to ensure the work isn’t stolen by hackers in adversary nations that want to manufacture copycat treatments or to get a leg up on innovation.
“Protecting that intellectual property is crucial because that’s the future of our health-care community,” retired Gen. Keith Alexander, former U.S. Cyber Command chief, told me.
Alexander’s company IronNet Cybersecurity is one of about 20 companies that are offering free protections through the health-care alliance so far. Pienaar hopes to significantly raise that number as more U.S. hospitals sign up for help, he told me.
The alliance is yet another example of volunteers stepping in to help a vital industry in which cybersecurity protections haven’t kept pace with a boom in threats.It may get help from another volunteer cybersecurity protection group, called the Cyber Threat Intelligence League, which has focused mostly on taking down the digital infrastructure hackers are using to target health-care systems during the pandemic and identifying common security bugs that hospitals should patch.
And cybersecurity pros in the United States launched an initiative called Defending Digital Campaigns last year to offer free and reduced-price help to political campaigns that are being targeted by Russia and other U.S. adversaries.
Hospitals are far more sophisticated when it comes to protecting themselves online than bootstrap political campaigns, said Ron Gula, a cybersecurity investor who helped fund the election effort and is helping recruit companies to join the health-care alliance.
Still, hospitals are still ill-prepared for the volley of attacks they’re facing now.“They just got hit with a huge [coronavirus] crisis and they’re down manpower. So, there’s a… lack of focus on these critical [cybersecurity] issues,” Gula told me.
There’s no hard data about how much hacking against hospitals has increased during the pandemic, but the FBI and Interpol have both described significant spikes. And cybersecurity pros warn the threat is likely to continue as long as the pandemic lasts.
A scientific staffer shows a negative result of a coronavirus-related blood test. (Miguel Medina/AFP/Getty Images)
A lot of that work will be done on a volunteer basis by security pros at member companies, Pienaar said.
“Many [chief cybersecurity officials] in health-care institutions have not seen this scale of cyberattacks. Many of them are overworked and overstretched. So, the alliance is going to be giving a lot of advice on a daily and weekly basis,” Pienaar said.
They’re also hoping their work to improve hospitals’ cybersecurity protections now will make them better prepared for future threats.The health-care sector has broadly improved its digital protections in recent years and grown better at sharing information about threats so that it’s easier to defend against them. But it has lagged other sectors, such as financial services, that have far more mature systems for jointly combating hacking.
“There is no air traffic control picture for health care,” Alexander said. “The software that we're putting on the table says, 'Let's build together a comprehensive picture of what's hitting the sector' … I believe that will start to change the way we think about cyber.”
A Democratic-aligned group will use technology developed to fight Islamic State propaganda to combat Trump’s coronavirus claims on social media.
Defeat Disinfo is an extension of the company Main Street One, which ran similar efforts to counter Russian propaganda in Eastern Europe. The firm’s founder, Curtis Houghland, received Pentagon funding to develop the technology, which was first aimed at combating Islamic extremist messaging on social media.
Houghland says Democrats are ill-prepared to stand up against a grass-roots digital army that continues to back Trump's handling of the pandemic. He cited the surge in tweets defending Trump's suggestion that disinfectants could cure the coronavirus, which he says was led primarily by four accounts that support the president.
Republicans “have greater volume frequency and quality of the digital narrative,” he said.
Trump ordered new restrictions on imports in the electricity sector, citing hacking dangers.
Pacific Gas & Electric workers install a recloser in Yountville, Calif. (David Paul Morris/Bloomberg News)
The danger of such hacks represents a national emergency, the order says. It describes “foreign adversaries [that] are increasingly creating and exploiting vulnerabilities in the United States bulk-power system, which provides the electricity that supports our national defense, vital emergency services, critical infrastructure, economy, and way of life.”
The order doesn't specify nations whose companies might be banned from U.S. electricity systems. But the Trump administration accused Russia in 2018 of launching digital attacks against the U.S. power grid dating back at least two years. The Kremlin was also widely blamed for a cyberattack that disrupted the Ukrainian grid in 2015.
The order will “greatly diminish the ability of foreign adversaries to target our critical electric infrastructure,” Energy Secretary Dan Brouillette said in a statement.
A security lapse exposed millions of records collected by a coronavirus symptom checking app in India.
A police officer stands in front of the state legislature of Karnataka in Bangalore, India. (Jagadeesh NV/EPA-EFE/Shutterstock)
The lapse is sure to bolster privacy critics' concerns that companies are launching technology to help combat the coronavirus without adequate security and privacy protections.
A security researcher found the exposed database May 1. It had been visible online without a password for roughly two weeks, and it's unclear who may have accessed it. Jio took the unsecured system offline after TechCrunch contacted the company.
The report comes amid a global surge in coronavirus tracking. At least 27 countries are using cellphone data to track citizen movements during the pandemic, Kareem Fahim, Min Joo Kim and Steve Hendrix report.
The government contractor ManTech is announcing a new virtual training system today that will simulate cyberattacks against satellites and other space systems.
This illustration made available by NASA depicts the Solar Orbiter satellite in front of the Sun. (ESA/ATG medialab, NASA/SDO/P. Testa (CfA) via AP)
Cyber ranges are increasingly common in the military and industry but typically model cyberattacks against a broad range of technologies rather than focusing on a specialized category.
“Space is woven through our entire infrastructure today, Damian DiPippa, general manager of ManTech's Mission and Intelligence Solutions Business Unit, told me. “If space assets were degraded or spoofed or brought down altogether that would great impact all other industry sectors.”
ManTech expects to contract use of the system to government agencies and companies that will use it to train security workers and to test out the security of their space-based systems by simulating attacks against them.
More news on the convergence of cybersecurity and space:
Securing the ballot
A precedent set by Wisconsin’s chaotic primary could help mail-voting efforts in November.
Doug Milks disinfects voting booths as voters in Madison, Wis., cast ballots in the state's primary election. (Steve Apps/Wisconsin State Journal/AP)
The ruling could mark a late victory for Democrats who lost a battle with Republicans to delay the Wisconsin primary, resulting in thousands of people requesting mail ballots but not receiving them in time and blocks-long lines outside polling places that may have contributed to more than 50 coronavirus infections. Their hope is that less restrictive rules will boost mail-voting among Democrats wary of visiting the polls in person.
Zoom isn't the only videoconferencing software raising privacy red flags.
A woman lifts her glass and cheers with friends during a virtual happy hour. (Olivier Douliery/AFP/Getty Images)
“From a privacy point of view, none of these options are great,” said Bill Fitzgerald, a privacy researcher in Consumer Reports' Digital Lab.
Consumer Reports sent a letter to the companies calling on them to enhance privacy protections, including giving users the option to delete data collected about them, and to make the policies easier for users to understand.
Privacy experts are slamming the Australian government after a breach revealed the personal data of over 700,000 migrants.
Police officers walk along the esplanade at Mooloolaba Beach in Australia on Saturday. (Ian Waldie/Bloomberg News)
More international cybersecurity news:
Chat roomWant to make password security fun for the kids (or maybe your parents)? Web developer Jarrod Overson has tips:
1. The most important lesson is: NEVER reuse passwords for more than one account.— Jarrod Overson (@jsoverson) April 29, 2020
Why? If someone (yes, like a "hacker") gets one password they get access to 👉 all your accounts 👈
This happens all the time. All. The. Time.
- The House Intelligence Committee will host a hearing on the nomination of John Ratcliffe as director of national intelligence on Tuesday at 9:30 a.m.
- The Cyberspace Solarium Commission will host a virtual forum on from 11 a.m. to 12 p.m.