Learn how the World Bank Group is helping countries with COVID-19 (coronavirus). Find Out

BRIEF July 21, 2020

Thought Leadership and Fresh Insight from the World Bank’s Digital Development Practice

Image

Photo Credit: Shutterstock


Image
How COVID-19 has Exposed Cyber Risks in the Health Sector

Why a Paradigm Shift is needed for building Cybersecurity Resilience

[Note 1 | July 2020]

For developing countries the COVID-19 pandemic has underscored the need to prioritize building cybersecurity capacity within the health sector, and represents a rare opportunity to establish cybersecurity more broadly as a core element of the 21st Century’s development agenda. This article presents the latest cyber risks for the health sector that have emerged during the COVID-19 pandemic, and new approaches needed for building cybersecurity resilience. Following a brief explanation of  the most common threat categories observed during the pandemic, the top five targets for cyberattacks are highlighted which include hospitals and healthcare centers, public health organizations, vaccine companies and virus research institutions, individuals, and contact tracing apps. In addition to operational solutions, the article presents three emerging  themes that have manifested during the COVID-19, and implications for future operational solutions and coordination on building cybersecurity resilience.

Key Findings

  • Cyberattacks targeting public health and the health sector have increased significantly since the outbreak of the COVID-19 pandemic in 2020, resulting in disruption to the operations of domestic  healthcare systems and services, theft of medical records, and significant financial losses, elevating the need to bring cybersecurity to the forefront of the development agenda.
  • Low preparedness – resulting from insufficient cybersecurity investment and awareness in developing countries generally and from the unprecedented challenges presented by a pandemic specifically – renders low- and medium-income countries particularly at risk of paralyzing attacks.
  • A sectoral-centered approach is needed to bolster cybersecurity within the health domain, using the historically strong development of cybersecurity in the financial sector to offer lessons to fortify the health sector against threats. This sectoral capacity building must be anchored to a strong foundation and enabling environment provided by a central national cybersecurity agency whose capacity must also be built and fortified to support the health sector.
  • A broad conceptualization of cybersecurity to include elements of malicious information campaigns will help facilitate a focus and better management of this rapidly developing phenomenon.
  • The COVID-19 pandemic has underscored the need to establish cybersecurity as a core element of the digital development agenda in the 21st century, and yields a unique clarity and opportunity to accelerate the safe and effective development and adoption of e-health solutions and telehealth platforms, particularly in low- and middle-income countries – paving the way towards further digital development of the health sector.

Contributors

Bertram Boie, Senior Economist

Natalija Gelvanovska-Garcia, Senior Digital Development Specialist

Sandra V. Sargent, Senior Digital Development Specialist

Rami Amin, Consultant

Full Article: How COVID-19 has Exposed Cyber Risks in the health Sector