Hospitals face new wave of cyberattacks amid novel coronavirus crisis

File picture: Pexels

File picture: Pexels

Published Apr 15, 2020

Share

Hospitals that are already pushed to their limit dealing with a patient surge from the novel coronavirus pandemic are getting slammed with cyberattacks and digital scams, as well.

Among the most damaging are ransomware attacks that aim to shut down entire hospitals until they pay a fee that can cost millions of dollars.

Such attacks shut down computersat the Champaign-Urbana Public Health District in Illinois for three days in March and forced the district to shell out $300 000 in ransom, as reported by the Pew Charitable Trust's Stateline service. Another attack shut down computers at a university hospital in the Czech Republic, which was forced toturn away patients.

The attacks have prompted stark warnings to hospitals from the Department of Homeland Security and from Interpol, which warned of a "significant increase" in cyberattacks targeting hospitals around the globe. Interpol issued a "purple notice" - basically a warning about a criminal trend and its methods - alerting police in 194 countries about the heightened ransomware threat.

The attacks are part of a surge in hacks and scams prompted by the coronavirus pandemic aimed at taking advantage of people's dislocation and fears. But they're particularly effective against hospitals where the intense pressure created by the pandemic might make workers more likely to slip up and click a link they shouldn't, Jen Miller-Osborn, deputy director of Palo Alto Networks's Unit 42 threat intelligence unit, told me.

"People are stressed, and it might short-circuit the logic in their brain that says I shouldn't click that," she said.

Miller-Osborn's group found hackers trying to lock up computers at a Canadian government health organization and a Canadian medical research university by posing as officials from the World Health Organization in a report out Tuesday. The group also logged attempted digital attacks against medical research facilities in Canada and Japan, but it didn't name any of the victims.

Even before the pandemic struck, hospitals and health-care providers were among the top targets of ransomware attacks because they're among the organizations that can least afford to be pushed offline for even short periods of time. And that can mean they're more likely to pay up.

"Hospitals are not necessarily more susceptible to ransomware attacks. However, an attack can have severely detrimental consequences for them, such as the loss of patient records, and treatment delays or cancellations," Michal Salát, a malware analyst for the anti-virus firm Avast wrote in a blog post.

Health-care providers, like other employers, are especially vulnerable to hacking now because more non-essential staff are working remotely. That makes it harder to patch their laptops and mobile devices against threats and they may be relying on unfamiliar networking tools to connect with co-workers.

About 70 percent of cyberattacks against health-care providers in recent years focused on smaller providers likely to have weaker digital defenses, a briefing this week by analysis firm RiskIQ found.

And the increased danger during the pandemic isn't likely to deter attackers, Miller-Osborn said.

"Before these groups were launching corporate attacks, most of them were targeting vulnerable people, stealing the life savings of old people, so targeting corporations is no problem at all," she said. "We expect these covid-themed attacks to continue as long as they're effective."

One piece of good news came Tuesday when Microsoft announced it will offer hospitals free access to an advanced security system called AccountGuard. The service essentially means Microsoft will closely monitor email traffic and other avenues hackers typically use and alert the organizations about any hacking efforts by nation-states and criminal groups.

It's the same protection Microsoft offered free to political campaigns, members of Congress and democracy-promoting nonprofit groups that are targeted by sophisticated hacking groups from Russia and elsewhere.

The announcement offers the protection to hospitals, clinics and medical labs as well as pharmaceutical, life sciences and medical device companies that are researching, developing or manufacturing coronavirus-related treatments.

"Every patient deserves the best possible healthcare treatment, and we all need to thank and applaud the truly heroic work by those risking their own health to help those who are sick," Microsoft Corporate Vice President Tom Burt said in a blog post. "Their work is challenging enough but is being made more difficult by cyberattacks."

The Washington Post 

Related Topics: