The American Medical Association (AMA) and the American Hospital Association (AHA) teamed up to launch new guidance to fight malicious cyberactivity in the midst of the COVID-19 pandemic.
The joint cybersecurity resource from the AMA and AHA called Working from home during the COVID-19 pandemic offers actions both physician groups and hospitals can take to strengthen their computers, networks and medical devices from the rise in COVID-19-themed security threats and attacks, particular as more employees work from home.
The resource includes checklists, sources, tips and advice on strengthening protections, they said.
“Amid increased reports of malicious cyber activity, some physicians and care teams are working from their homes and relying on technologies to support physical distancing measures while ensuring availability of care to those who need it,” said AMA President Patrice Harris, M.D., in a statement. “For physicians helping patients from their homes and using personal computers and mobile devices, the AMA and AHA have moved quickly to provide a resource with important steps to help keep a home office as resilient to viruses, malware and hackers as a medical practice or hospital.”
But amid the coronavirus pandemic, cybersecurity experts have raised the alarm about an increase in cyberattacks as hackers exploit the outbreak's disruption. Among the top targets: government agencies critical to responding to the epidemic including the Department of Health and Human Services.
Cybercriminals are also using fake HIV test results and coronavirus conspiracy theories to break into the computer systems of healthcare companies.
The FBI released a public advisory in early April saying more than 1,200 complaints related to COVID-19 scams were received at its Internet Crime Complaint Center.
“In recent weeks, cyber actors have engaged in phishing campaigns against first responders … deployed ransomware at medical facilities, and created fake COVID-19 websites that quietly download malware to victim devices," the FBI said in a release. "Based on recent trends, the FBI assesses these same groups will target businesses and individuals working from home via telework software vulnerabilities, education technology platforms, and new Business Email Compromise schemes.”
If you didn't receive treatment for #COVID19, check with your medical provider or insurance company to ensure you are not billed for services you did not receive. Read more at https://t.co/RXwMBq8AFP, and report #fraud at https://t.co/E4nYg3SYDj. pic.twitter.com/WZaYQHOi9U— FBI (@FBI) April 14, 2020