As the world is trying to grasp the scope of the COVID-19 coronavirus pandemic, cyber criminals are taking advantage of tired, overstretched staff and low IT staffing. In recent weeks, multiple health agencies, medical facilities and hospitals have been hit by phishing emails, cyber incidents and ransomware attacks. Unfortunately, the healthcare sector is likely to become an even more prominent target in the upcoming weeks.
Steep Increase in Cyberattacks
Phishing incidents and ransomware attacks have been on the rise since mid-2019. Sadly, healthcare departments and medical facilities are not being spared. Actually, the opposite is more likely to be true in times of a crisis, like with the coronavirus pandemic. In the event of a ransomware attack, for example, hospitals are more likely to pay a higher ransom due to the crisis. Also, overstretched staff may potentially have their guards down, thus being more likely to, for example, fall victim to phishing attacks.
Health Departments and Medical Facilities Hit
- On Monday, the US Department of Health and Human Services (HHS) reported multiple hacking incidents seemingly aiming to slow down the department’s systems. There was no data breach and yesterday networks were still fully operational. The incident involved a DDoS attack, in which the HHS’ servers were overloaded with millions of hits.
- Last Friday, the entire IT network of the Czech University Hospital Brno needed to be shut down due to a ransomware attack. Worryingly, this hospital hosts one of the largest 18 COVID-19 testing centers. Two other branches, the Children’s and the Maternity Hospital were also impacted. All surgeries were cancelled. Preparations are under way to transfer the hospital’s coronavirus response capacity to other hospitals in the Czech Republic.
- Mid-last week ransomware took down the website of the Champaign-Urbana Public Health District in Illinois, USA. The health agency’s website serves nearly a quarter of a million people. The same Netwalker ransomware appeared earlier this year in other targeted attacks.
- In February, the entire computer network of Maroof International Hospital in Islamabad, Pakistan, was compromised by a ransomware attack. During the recovery period, administration and health care providers were forced to do everything manually. This significantly slowed down data collection and the treatment of patients.
- NRC Health, a company that sells software to thousands of healthcare organizations in the US, was also hit by a ransomware attack. The company did not provide any details but said that they did not have any evidence of a patient data breach.
- Smaller medical centers have also fallen victim. Earlier this year, Overlake Medical Center and Clinic in Washington notified 109,000 patients of a data breach. Potentially leaked data included a range of patient information, such as names, dates of birth, contact information, treatment details and health insurance identification numbers.
As the world increasingly becomes absorbed in the escalating outbreak of the COVID-19 coronavirus, it is important to stay vigilant. Phishing emails remain the number one vehicle for ransomware. The less ‘on guard’ the targeted user is, the more fruitful the attack.
It is important to never open emails or websites that you do not trust. Always consider if it is logical that you are getting a certain email or an email from a certain person. If you do not expect a delivery from UPS, it is likely the email is malicious. The same goes for a “urgent” email from a person or colleague you haven’t heard from in 10 years.