As COVID-19 Vaccine Research Advances, So Do Cyber Threats from China
Health care entities that are conducting research related to COVID-19 treatment should note that U.S. intelligence officials have detected possible interference from foreign actors. The Federal Bureau of Investigation (FBI) reported in early July that it detected threats from China related to U.S. COVID-19 treatment and intellectual property.
In an interview with the Washington Post, Christopher Wray, the FBI Director indicated that Chinese cyber actors have attempted to steal intellectual property, public health records, and information about vaccines, treatments, and testing from U.S. medical facilities, biotech labs, and academic institutions to send to the Chinese government.
Intelligence personnel suspect that the cyber-attacks may continue against the healthcare and public health care system in the coming months. It is advised that if your organization is involved with healthcare, medical devices, pharmaceuticals, biotechnology, and/or scientific research and consulting, that you be particularly mindful of your information security protocol and control environment.
How Organizations Can Secure COVID-19 Data
The FBI recommends that healthcare and biotechnology companies take the following action to reduce their risk of cyber-attack related to COVID-19 information:
- Understand cyber actors’ tactics, techniques, and procedures, including historical attacks and targeted vulnerabilities
- Keep network and data systems updated with the most recent security patches
- Increase monitoring for indicators of system compromise
- Review and practice an information security incident response plan
This notice from the FBI is another indicator that threats to information security are heightened in the COVID-19 environment. Securing the information technology environment may be further complicated by the fact that key information security personnel, along with other employees, may be continuing to work remotely for the foreseeable future.
Proactive reviews of your IT control environment and security policies, accompanied by ongoing process and control improvements, may help reduce the risk of or mitigate the damage from information security breaches and network intrusion.
CBIZ is here to help. Our professionals are experienced with performing cybersecurity risk assessments, vulnerability assessments and penetration testing, in addition to social engineering procedures and other techniques, often utilized by cyber bad actors to access sensitive information and organizational data.
To learn more about how you can proactively secure your information and business technology environment, please contact Kyle Konopasek at firstname.lastname@example.org or Tiffany Garcia at Tiffany.Garcia@cbiz.com.
Copyright © 2020, CBIZ, Inc. All rights reserved. Contents of this publication may not be reproduced without the express written consent of CBIZ. This publication is distributed with the understanding that CBIZ is not rendering legal, accounting or other professional advice. The reader is advised to contact a tax professional prior to taking any action based upon this information. CBIZ assumes no liability whatsoever in connection with the use of this information and assumes no obligation to inform the reader of any changes in tax laws or other factors that could affect the information contained herein.
CBIZ MHM is the brand name for CBIZ MHM, LLC, a national professional services company providing tax, financial advisory and consulting services to individuals, tax-exempt organizations and a wide range of publicly-traded and privately-held companies. CBIZ MHM, LLC is a fully owned subsidiary of CBIZ, Inc. (NYSE: CBZ).