Hackers Increasingly Targeting Hospitals During COVID-19 Pandemic

Hospitals overwhelmed by coronavirus patient surges and a lack of personal protective equipment (PPE) have become targets for opportune cybercriminals.

Ransomware attacks, where hackers lock a network in an attempt to extort payments to regain access, have been a growing threat for hospitals for months, but experts caution the coronavirus pandemic is exacerbating the problem, reports The Hill.

On April 4, INTERPOL, an international police organization, issued a warning to its 194 member countries (a full list of countries can be found here) stating it “has detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response.”  

On March 10, the Champaign-Urbana Public Health District in Illinois announced its website was taken down by a ransomware attack, making it difficult to distribute accurate information on the outbreak. The website was down for three days until the district paid the $300,000 ransom, according to The Union Leader.

That same week, Brno University Hospital in the Czech Republic, which was a key coronavirus testing site, had to shut down all of its computers due to malware attacks, forcing the hospital to turn away patients.

Researchers from the National Cyber and Information Security Agency (NCISA), Czech Republic’s cybersecurity agency, warned Thursday that it is “highly probable” that more hackers will continue to target healthcare facilities “in the coming days.”

U.S. Secretary of State Mike Pompeo said Friday that the United States is concerned for the Czech Republic and that anyone who carries out these attacks should “expect consequences.”

Cybersecurity experts have also seen an increase in attacks in parts of Europe, including France. Earlier this month, André Pienaar, founder of cyber firm C5 Capital, told Forbes that his company was able to link some ransomware attacks in the U.K. and other parts of Europe to an organized crime group that uses Maze, a type of ransomware. C5 Capital has partnered with other cyber firms to provide free support to targeted European hospitals.

COVID-19 CTI League, a task force made up of more than 1,000 information security professionals worldwide, is also working to provide support to healthcare facilities being targeted during the pandemic. So far, the group has helped identify over 2,000 cyber vulnerabilities at high-risk organizations.  

Microsoft also announced last week that it would offer its AccountGuard email security service to both healthcare and human rights organizations free of charge through the remainder of the pandemic. The company said hackers are scanning the internet for vulnerable systems, relying mainly on social engineering tactics and preying on people’s fears during the COVID-19 outbreak.

Earlier this month, Microsoft said it had identified dozens of hospitals that have vulnerable gateway and virtual private network (VPN) appliances that make them susceptible to more sophisticated cyberattacks.

On Monday, a coalition of major tech groups called on the U.S. Congress to send funds to state and local governments to defend against cyberattacks as part of future coronavirus stimulus bills, reports The Hill. The groups represent Microsoft, Amazon Web Services, Adobe, Verizon, McAfee and Palo Alto Networks, among others.

The $2 trillion stimulus bill signed by President Trump last month includes some funding for IT modernization and $9.1 million to increase the capabilities of the Department of Homeland Security’s cybersecurity agency.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Related Content

UPDATE: Ransomware Group Leaks Change Healthcare Data

HHS Urges Quick ID and Implementation of Solutions to Change Healthcare Ransomware Debacle

Hackers Post Gory Videos on UC Irvine Discord Groups

Cybersecurity Researcher Finds School Shooting Emergency Plans Exposed Online