INTERPOL recently warned of increased ransomware attacks on hospitals and healthcare systems worldwide. Cybercriminals have attacked multiple facilities in multiple countries in the past two months, using the pandemic to extort a larger and/or quicker ransom payment. Below is a summary of the upsurge and how to protect yourself during these extraordinary times.
Increased ransomware attacks
Ransomware is malicious software or malware used to deny a victim access to a system and/or encrypted data until a ransom is paid. Victims download malware through phishing emails that contain malicious attachments or fraudulent links. Currently, the bait is COVID-19 news.
According to INTERPOL’s Secretary General Jürgen Stock, “Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths.” Early reports show that healthcare organizations are paying the hefty ransoms. Champaign-Urbana Public Health District in Illinois had its computers shut down for three days in May due to ransomware. The district shelled out $350,000 to get back into its systems. Last month, several hacking groups told BleepingComputer that they would not target medical organizations during these troubling times. One of those groups, Maze, while not attacking any healthcare organizations, is still actively demanding ransoms from those hacked late last year.
Cybercriminals have always targeted healthcare due to its wealth of sensitive information. Unfortunately, the pandemic increases the number of threat vectors available and puts added stress on hospitals to pay. There are more distracted personnel, more remote workers, and more people needing up-to-date information on the pandemic. “As hospitals and medical organizations around the world are working non-stop to preserve the well-being of individuals stricken with coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients,” said Stock. Hackers are taking advantage of this perfect storm.
How do you not become a victim?
INTERPOL staff will remotely meet with cybersecurity authorities around the world to gather information and provide technical support. The international agency also will assist its 194 member countries in mitigating and investigating attacks. Furthermore, more than 1,000 IT professionals worldwide have formed a COVID-19 CTI League to stop cyberattacks on critical healthcare organizations. But while organizations should feel protected by the international community, they must also do what they can internally to block breaches. It is more important than ever to:
- Update all hardware and software, including for remote workers
- Back up data frequently and offline
- Store critical data (such as testing for COVID-19) separate from main systems
- Educate employees to recognize potential threats
- Limit access to critical systems
- Utilize HIPAA-compliant email
- Implement multi-layered security
The industry is facing extraordinary physical and cyber dangers at the same time, and it is up to all healthcare organizations to safeguard employees and patients alike.