During a pandemic, the cyber security of health care facilities can be a public health issue.
That’s why experts from Finland’s tight-knit hacking community led by Taneli Kaivola have stepped up to provide crucial infosec and risk management to medical providers fighting COVID-19 throughout the country. And Antti Laatikainen, Senior Security Consultant at F-Secure, has joined the ranks of KyberVPK — the Community Cyber Response Force.
Always a way to profit
As the novel Coronavirus spread around the globe, criminals noticed.
Phishers and other attackers adapted as the virus spread to exploit the public’s growing fear around the crisis. But it was the assault in the systems of hospitals and other health care institutions working to fight the novel Coronavirus that convinced Antti and many other infosec pros join this effort.
“Though the threat actors haven’t been identified, there’s a clear indication that that at least some of these attacks are intentional,” Antti said. “Someone will always find a way to profit off any situation.”
The thought of exploiting the greatest public health emergency of the century is unconceivable to Antti.
“As a person working in this field and a human being, it’s hard to imagine the logic behind that.”
Unfortunately, wherever there’s an opportunity—no matter how bleak times may get—some criminals will purposely seek to exploit it.
Row the boat and fix it at the same time
The risk management skills that Antti helps companies apply in normal times can take on new significance when fighting a pandemic.
“Some human errors are inevitable when people are in panic mode,” he said. “People may start shortcutting things. They open internal services to the internet, implement fixes and solutions to support remote working without proper planning and remove existing security controls in order to make working faster and easier. This can leave an opening for opportunistic criminals to exploit.”
Even on their best days, hospitals—like many large public-facing institutions—can struggle when it comes to cyber security, which is why they have become a common target for ransomware attacks over the last few years.
This is true for a variety of reasons, Antti noted. Limitations on resources challenge many institutions. And the massive range of departments and medical services being provided on a single campus can make it difficult to secure the digital systems that have become an essential to providing care.
“There can be a strong of sense compartmentalization. The staff is very busy and though they know they are dealing with extremely sensitive data, they may not prioritize securing that data because they think, ‘We’re not an IT company.’”
Yet almost every company is an IT company these days—even organizations in the business of saving lives. And a crisis can reveal cyber security issues that must be dealt with quickly, even if there aren’t resources to deal with these issues other life-or-death matters cannot be ignored.
“You have to row the boat and fix it at the same time,” Antti said. “The advice is primarily about protecting these health care providers from attackers. And wherever possible we also help them maintain their operative functionality and suggest longer term improvements in order to prevent them from being breached again in the future.”
This is what hackers do
The unique way these hackers have stepped up could be seen as another example of how Finland’s hard-earned survival instincts are being deployed in a society-wide effort to contain the virus. Whether this sort of effort lasts beyond the pandemic and comes to operate like a sort of volunteer cyber fire department is an open question for now.
“The spirit is strong now,” Antti said. “But it’s easy to volunteer when the town is on fire.”
Antti—who during normal times enjoys working as a security management consultant for a variety of industries—can conceive of a sort of on-call brigade of volunteer security pros continuing after this emergency is over. Perhaps, he speculated, experts could offer help to those who serve their community but can’t afford top consultants.
“This is what hackers do,” he said.