Why Cyberthreats Tied to COVID-19 Could Hit Diverse TargetsCybersecurity Specialist Stanley Mierzwa Warns Nonprofits to Take Defensive Steps
Besides hospitals and academic institutions, dozens of nonprofits, including so-called "nongovernmental organizations" - or NGOs - around the world must protect their COVID-19 research and related activities from those seeking to steal data or disrupt their operations, says cyber risk management expert Stanley Mierzwa of Kean University.
A wide variety of these nonprofit organizations are potential targets for cyberattacks during the COVID-19 pandemic. These include those that exist to "advance science around the world with research and serving to advance particular missions," he says in an interview with Information Security Media Group.
Other nonprofits work on policy issues or public health concerns, he notes. "They often research and recommend strategies to governments in countries and can be involved with implementing programs," he says. "Any of these could be targeted for cyberattacks if they are involved in pursuing COVID-19 research activities ... including the response to COVID-19."
Attacks on these organizations could affect their partners as well, he adds.
For instance, some pharmaceutical companies working on COVID-19 treatments and vaccines rely on NGOs, especially in third-world countries, to support their research efforts, he says. "Bad actors may initially target these softer targets," he adds.
In the interview (see audio link below photo), Mierzwa also discusses:
- Reasons why some nonprofits involved with COVID-19 research or response are especially vulnerable to cyberattacks;
- Potential motives for cyberattacks on nonprofits involved with COVID-19 research activities;
- Steps NGOs and others should take to better defend themselves against cyberattacks.
Mierzwa is the director of the Center for Cybersecurity at Kean University in Union, New Jersey, where he also lectures on foundations in cybersecurity and cyber risk management. Previously, Mierzwa headed application security at New York's Metropolitan Transportation Authority Police. Earlier, he was the director of IT at the Population Council.