As the COVID-19 rolls across the world, the efficiency and infrastructure of hospitals is being heavily tested in many ways. However, one stressor that couldn’t have been predicted was the massive rise in cyber attacks targeting hospitals and other institutions under pressure due the virus.
In early April, Interpol warned 194 countries of an increased risk of cyber attacks during these trying times. They have since released multiple other warnings of the risks that are coming to light from their investigations.
There have been multiple massive attacks over the last couple of weeks in places varying from the Czech Republic, the UK, and even here in America.
Apparently, cyber terrorists view this pandemic as a massive opportunity for infiltration and sabotage. The use of ransomware in hospitals has already had a continuous uptick in frequency for the last few years but the massive strain of all of the afflicted seeking medical attention has caused the hacking of hospitals to be moved from a manageable issue to a matter of life and death.
Should the hackers be successful in their attempts we would see a delay in appointments, a slowing of operation in hospitals, and a loss of patient files. All of these events would be catastrophic to the hospitals as they are already working at 110% to help those suffering from the virus on top of their normal operations.
There have already been cases of successful attacks, one such case took place in Illinois last month where a ransomware attack cost a hospital over $350,000 to retrieve their stolen files. Another attack has occurred more recently in the Czech Republic and the country is on alert for more to follow. The attacks do not only target the hospitals directly, but also technology firms and research centers who are attempting to rush a cure for the vaccine as fast as possible.
One example of this is where a group used the ransomware REvil, which utilises exploit kits, scan-and-exploit techniques, RDP servers, and backdoored software installers, to attack 10x Genomics a biotechnology company that is working with Vanderbilt University Medical Center on the COVID-19. Microsoft has already taken similar steps for hospitals as they did for political campaigns after the numerous hacking suspicions in our elections by offering the security software called AccountGuard for free to any hospital.
The attacks are not only direct but also there are numerous of the usual phishing attacks and other attempts to undermine the efforts of the healthcare system when it is at its most needed and vulnerable. During these uncertain times it is imperative to have the utmost awareness of who and what you interact with on the internet, so long as we stay aware and follow a strategic cybersecurity protocol, we will make it through with minimal issues.
If you are concerned for your organization, let my team do a Cybersecurity Audit, we can assess your risks and help put a plan in place.