Businesses and pharmaceutical companies have become prime targets for cyber criminals. For many employees switching to work from home has made them more vulnerable to cyber attacks. Amid the continuing coronavirus pandemic the focus is shifting on digital hygiene and training. These are top issues outlined by the participants of a round table which took place at TASS Press Center under the title “Cybersecurity: new threats and protection against them”.
At present, a large number of high-tech medical equipment is connected to the Internet. Given that medical institutions are not used to new threats, they often fall prey to cyber criminals. At times, hospitals have to pay ransom in order to restart the equipment vital for patients’ lives. The participants in the round table cited yet more tragic cases when the ambulance equipment glitch forced the driver to head for other hospitals, which means that patients in critical condition may not make it there.
Cyber threats have been haunting not only the medical industry. President of Check Point Software Technologies in Russia and CIS Vasily Diaghilev has singled out 3 key challenges in the new reality. Firstly, the decision-taking time limit has shortened considerably, — the market proved unprepared for this (unlike in the past, when months were given to elaborate decisions on cyber security, now a mere days are given to do so). Secondly, the criminal groups which had to go online as well, were provided with new financing to “work” in the cyber sphere. Thirdly, user vulnerability went up due to a wide variety of hacking methods.
Alexei Novikov, Director of Security at Positive Technologies, disagrees with such a view. The transition to online work has increased the number of vulnerabilities making it possible for the criminals to find new loops. Hence cyber security has come to depend on the competence of particular individuals. Earlier, information security was guaranteed “along the perimeter of corporate network”. Now, when practically everyone is working from home, family members have got access to the data too. In addition, employees often connect their personal “smart devices” of the Internet of things to their corporate networks.
Experts who took part in the round table provided specific recommendations as to how to boost digital security. Founder and General Director of Zecurion Alexei Raevsky warned companies which are not supposed to store loads of data against doing so. Alexei Raevsky described all the data (for example, for electronic passes), which they collect on a regular basis in the conditions of a quarantine, as a “time bomb”. Vasily Diaghilev has urged individuals to refrain from using (and called on companies to impose restrictions on this practice on a mandatory basis) corporate passwords on external servers, in addition, he recommended coding corporate data, and in order to secure protection against destructive files, he advises to switch to the safe pdf-format in paperwork. “Info security should enter mass market as a taxi – a kind of digital security outsourcing”, — Lev Matveev, Chairman of the Board of “SearchInfoorm”, member of the Association of Software Manufacturers “Russoft”, says. Besides, he recommended including VPN-apps and services into public (free) WiFi-networks.