The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) issued an advisory to hospitals and other healthcare organizations warning that cybercriminals are targeting them with phishing campaigns, ransomware, and other malicious activity that references COVID-19. Cybercriminals are exploiting the fact that the healthcare sector is consumed with COVID-19 management and response to ramp up attacks, including ransomware attacks with demands in the hundreds of thousands to millions of dollars.
NJCCIC recommends the following best practices for users and administrators of healthcare organizations to lower cybersecurity risks:
• “Reinforce security awareness principles and cybersecurity best practices for password security, email and Internet use, and incident reporting.
• Ensure all default passwords are changed to strong passwords for all devices and systems.
• Enable multi-factor authentication as technically and operationally feasible.
• Harden systems and devices by disabling all unnecessary ports, protocols, and services, limiting functionality to only what is required.
• Maintain all hardware and software at the latest vendor-supported security patch levels.
• Deploy anti-malware software on all endpoints capable of running anti-malware software.
• Apply the principle of least privilege, limiting access to the minimal level users require to carry out their duties and responsibilities.
• Implement network segmentation, keeping IoT devices separate from other critical systems and networks.
• Continuously monitor all system, network, application, and user activity for suspicious or anomalous behavior.
• Establish a comprehensive business continuity program that includes a data backup plan in which multiple copies of backups are stored off the network and in a separate and secure location.”
Finally, NJCCIC encourages the healthcare industry to report cybersecurity incidents to it through its cyber incident report form.