Ransomware Attackers Vow to Not Strike Healthcare During Pandemic

Two ransomware gangs have agreed to forego attacking healthcare organizations during the outbreak, but several others have not agreed to stop.

Ransomware Attackers Vow to Not Strike Healthcare During Pandemic

Although more cybercriminals have been capitalizing on coronavirus fears, at least some ransomware gangs say they will forgo targeting healthcare facilities during the COVID-19 crisis.

BleepingComputer reached out to operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker and AKO Ransomware infections to see if they would continue attacking health and medical organizations during the pandemic.

DoppelPayer told BleepingComputer that they don’t normally target hospitals or nursing homes and will continue to abstain from this practice during the coronavirus. They also said that if they do so on accident, they’ll decrypt for free. Their decision, however, doesn’t apply to pharmaceutical companies.

Maze ransomware has also agreed to stop attacking medical organizations during the pandemic.

For healthcare organizations that do get encrypted, two software security companies — Emsisoft and Coveware — are offering to provide their ransomware services for free to healthcare facilities during the coronavirus outbreak. The services include:

  • Technical analysis of the ransomware.
  • Development of a decryption tool whenever possible.
  • As a last resort ransom negotiation, transaction handling and recovery assistance, including replacement of the decryption tool supplied by the criminals with a custom tool that will recover data faster and with less chance of data loss.

Ransomware has been plaguing the healthcare sector for several years now, and it is one of the sectors that is most frequently targeted by cybercriminals. Since third quarter 2016, more than 93% of all healthcare organizations have experienced a data breach, and 57% of those had more than five data breaches during the same time period. More than 300 million records have been stolen since 2015, affecting about one in every 10 patients.

If you appreciated this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

About the Author

robin hattersley headshot

Robin has been covering the security and campus law enforcement industries since 1998 and is a specialist in school, university and hospital security, public safety and emergency management, as well as emerging technologies and systems integration. She joined CS in 2005 and has authored award-winning editorial on campus law enforcement and security funding, officer recruitment and retention, access control, IP video, network integration, event management, crime trends, the Clery Act, Title IX compliance, sexual assault, dating abuse, emergency communications, incident management software and more. Robin has been featured on national and local media outlets and was formerly associate editor for the trade publication Security Sales & Integration. She obtained her undergraduate degree in history from California State University, Long Beach.

Leading in Turbulent Times: Effective Campus Public Safety Leadership for the 21st Century

This new webcast will discuss how campus public safety leaders can effectively incorporate Clery Act, Title IX, customer service, “helicopter” parents, emergency notification, town-gown relationships, brand management, Greek Life, student recruitment, faculty, and more into their roles and develop the necessary skills to successfully lead their departments. Register today to attend this free webcast!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters
Campus Safety HQ