Hackers are targeting hospitals crippled by coronavirus
“Our message to ransomware gangs is: stay the hell away from hospitals”
On March 13, the Brno University Hospital started turning away new patients suffering serious conditions. Urgent surgeries were postponed and the hospital, which is a key Covid-19 testing site in the Czech Republic, shutdown all computers as a cyberattack took hold.
“The hospital public announcement system started to repeat the message that all personnel should immediately shut down all computers due to ‘cybernetic security’,” one cybersecurity researcher who was waiting in the hospital for surgery has said. While the cyberattack didn’t impact the work being done around the coronavirus it did cause disruption at an exceptionally busy and chaotic time.
The Czech hospital is not the only medical institution to be targeted by cybercriminals as the novel coronavirus has spread around the world. In the United States, the website for a public health department in Illinois that has more than 200,000 people registered with it has been taken offline following a ransomware attack. France’s French cybersecurity agency has also published a warning that its seeing ransomware targeting its local authorities.
As the total number of global cases of Covid-19 has swelled above 250,000, hackers have increased their activity as they look to capitalise on the crisis. “We’re seeing concerted targeting against manufacturing, pharmaceutical, travel, healthcare and insurance,” explains Sherrod DeGrippo, a senior director in threat research and detection at cybersecurity firm Proofpoint says. “When I say manufacturing, a lot of times it seems to be targeted against a subset of manufacturing, which is manufacturers that create hospital beds, medical equipment, those things you would associate with healthcare.”
It’s no surprise that cybercriminals have upped their attempts to hack into more computer networks. Whenever there’s a large news event those trying to break into computer networks and devices go into overdrive. In the past, the Olympics and the introduction of GDPR have provoked onslaughts of increased hacking activity. This predominantly happens though exploiting human weaknesses.
Malicious actors know that people will open emails that look convincing but actually act as ways to deliver malware or ransomware onto their machines. Amid the rush of daily life – and despite the best efforts of cybersecurity trainers – people are still hugely susceptible to a convincing email that looks like it’s from their boss, or one that has an enticing attachment to download or a link to click.
“The things that are working right now are coronavirus lures: coronavirus as the email for the social engineering, coronavirus filenames, coronavirus domain names,” DeGrippo explains. People want to read and learn about Covid-19. DeGrippo says she has seen phishing emails that claim to have a coronavirus vaccine contained within an attachment, tempting spreadsheets that claim to include lists of people’s neighbours who have been infected, faked company emails asking for errands to be run by people’s colleagues, and suggestions that banks have created anti-bacterial credit cards. “This is the biggest shift in social engineering lures that I have ever seen,” she says.
All of the scams have one goal: to get people to open them and click the link or download an attachment. Once this is done, a machine or network can be infected if there are unpatched vulnerabilities. Corporate data can be put at risk or, in the worst case scenarios, ransomware that can lock entire networks can be deployed. Security researchers says they’ve seen phishing campaigns from all types of hacking groups, large and small. Hackers believe to be tied to national governments have also been getting involved.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Feck me, who would want to do something so evil to hospitals in a time like this....
“Our message to ransomware gangs is: stay the hell away from hospitals”
On March 13, the Brno University Hospital started turning away new patients suffering serious conditions. Urgent surgeries were postponed and the hospital, which is a key Covid-19 testing site in the Czech Republic, shutdown all computers as a cyberattack took hold.
“The hospital public announcement system started to repeat the message that all personnel should immediately shut down all computers due to ‘cybernetic security’,” one cybersecurity researcher who was waiting in the hospital for surgery has said. While the cyberattack didn’t impact the work being done around the coronavirus it did cause disruption at an exceptionally busy and chaotic time.
The Czech hospital is not the only medical institution to be targeted by cybercriminals as the novel coronavirus has spread around the world. In the United States, the website for a public health department in Illinois that has more than 200,000 people registered with it has been taken offline following a ransomware attack. France’s French cybersecurity agency has also published a warning that its seeing ransomware targeting its local authorities.
As the total number of global cases of Covid-19 has swelled above 250,000, hackers have increased their activity as they look to capitalise on the crisis. “We’re seeing concerted targeting against manufacturing, pharmaceutical, travel, healthcare and insurance,” explains Sherrod DeGrippo, a senior director in threat research and detection at cybersecurity firm Proofpoint says. “When I say manufacturing, a lot of times it seems to be targeted against a subset of manufacturing, which is manufacturers that create hospital beds, medical equipment, those things you would associate with healthcare.”
It’s no surprise that cybercriminals have upped their attempts to hack into more computer networks. Whenever there’s a large news event those trying to break into computer networks and devices go into overdrive. In the past, the Olympics and the introduction of GDPR have provoked onslaughts of increased hacking activity. This predominantly happens though exploiting human weaknesses.
Malicious actors know that people will open emails that look convincing but actually act as ways to deliver malware or ransomware onto their machines. Amid the rush of daily life – and despite the best efforts of cybersecurity trainers – people are still hugely susceptible to a convincing email that looks like it’s from their boss, or one that has an enticing attachment to download or a link to click.
“The things that are working right now are coronavirus lures: coronavirus as the email for the social engineering, coronavirus filenames, coronavirus domain names,” DeGrippo explains. People want to read and learn about Covid-19. DeGrippo says she has seen phishing emails that claim to have a coronavirus vaccine contained within an attachment, tempting spreadsheets that claim to include lists of people’s neighbours who have been infected, faked company emails asking for errands to be run by people’s colleagues, and suggestions that banks have created anti-bacterial credit cards. “This is the biggest shift in social engineering lures that I have ever seen,” she says.
All of the scams have one goal: to get people to open them and click the link or download an attachment. Once this is done, a machine or network can be infected if there are unpatched vulnerabilities. Corporate data can be put at risk or, in the worst case scenarios, ransomware that can lock entire networks can be deployed. Security researchers says they’ve seen phishing campaigns from all types of hacking groups, large and small. Hackers believe to be tied to national governments have also been getting involved.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Feck me, who would want to do something so evil to hospitals in a time like this....
