MobileIron boss on why frontline workers are being targeted by hackers
Healthcare workers are a prime target for hackers, according to David Critchley
NHS frontline staff are at particular risk of being targeted by hackers due to their proximity to the crisis, according to MobileIron's UK&I director.
Speaking to CRN, David Critchley said that the endpoint security vendor has seen a "six-fold" increase in phishing attacks since February, the majority of which played on people's concerns about COVID-19.
"These people are trying to capitalise on people's fears using terms such as COVID-19 to draw in those unsuspecting victims," he explained.
"Hackers target organisations which are intimately associated with the response because that's where frontline workers are the most likely to be targeted by malicious cyberattacks."
The guidelines issued by the National Cybersecurity Centre (NCSC) have raised awareness of the attacks on healthcare organisations and professionals but Critchley highlighted stretched budgets in the public sector as an impediment for trusts implementing those policies.
"The NCSC has done a good job of raising awareness, but how many NHS trusts have a clean sheet in their cybersecurity tests?" he asked.
"Their budgets are stretched and they're obviously focused on more burning priorities around things like PPE and ventilators, so do they really have the focus necessary to prevent those kinds of attacks and pass those cybersecurity tests?"
The future impact the crisis will have on the cybersecurity industry is made up of "two distinct phenomena", he added.
The first phenomenon will be around revisiting the security policies implemented quickly because of the sudden change in working policies for many organisations.
"Now we've given people access to the information they need in this new world, have we actually adequately secured it?" he said.
"We got people going, but it was all much of a band-aid - pardon the pun - but how do we now actually do this properly and rigorously and ensure that everybody is protected, safe and can do everything that they need to do in their working lives?"
The other change in the cybersecurity industry is around remote working and keeping corporate information separate from the personal information of other users on the home network, he said.
"Something like a third of all mobile devices are actually used by frontline workers, so these are absolutely mission-critical devices," he noted.
"So there are huge security considerations about how secure our home networks are and sharing them with the people we live with, so are we able to protect our corporate information from others' personal information."