COVID-19 Fueling Phishing, Other Attacks on Healthcare SectorLee Kim of HIMSS on Top Security Challenges
The global outbreak of COVID-19 is intensifying the already heightened threat of attacks, including phishing scams, on healthcare organizations, says attorney Lee Kim, director of privacy and security of the Healthcare Information Management and Systems Society.
"Scammers want to leverage the coronavirus pandemic ... and because all of us are worried about it ... they prey on fear," she says in an interview with Information Security Media Group.
Recent phishing scams involving coronavirus include malware embedded in global maps of the outbreak and "because they appeal to us at a visceral level ... we may not stop and pause" before clicking on the bait, she says.
"The attacker doesn't have to breach that firewall or penetrate the really tough exterior that has been set up by the security pros. They'll go straight to a person, via email or social media, and try to infiltrate and exploit. It's really about exploitation of the human."
In the interview (see audio link below photo), Kim also discusses:
- Other top privacy and security challenges facing the healthcare sector;
- Leading security technologies - including biometrics and authentication being implemented by healthcare organizations;
- The Department of Health and Human Services' recently unveiled final rules for health IT interoperability and information blocking.
Before joining HIMSS as director of privacy and security, Kim practiced law in the areas of IT, healthcare technology, intellectual property and privacy and security. She also previously worked in the healthcare technology field.