Exploiting COVID: Cyberattacks on hospitals up 45%
Criminals are specifically and callously targeting the healthcare sector during the pandemic because they believe hospitals are more likely to meet their ransom demands.
By ZEV STUB
Cyberattacks on healthcare organizations rose 45% in the past two months, mainly by hackers looking to extort hospitals for ransom, Check Point Software reported Tuesday.Last October, a Joint Cybersecurity Advisory issued by the US Cybersecurity and Infrastructure Security Agency, the FBI and the UK's National Health Service warned of an imminent cybercrime threat to US hospitals and healthcare providers ahead of a wave of attacks using the infamous Ryuk ransomware. That trend has continued at a rate more than double that of other industry sectors during the same time, the report said.The largest rise was the incidence of ransomware attacks in which the attacker threatens to do harm to the victim’s data unless a ransom is paid.Ransomware attacks against hospitals are particularly damaging, especially under the pressures of dealing with the COVID-19 pandemic, because they could prevent health workers from delivering care and saving lives.“This is precisely why criminals are specifically and callously targeting the healthcare sector: because they believe hospitals are more likely to meet their ransom demands,” the report said.“The major motivation for threat actors with these attacks is financial,” it said. “They are looking for large amounts of money, and fast. It seems that these attacks have paid off very well for the criminals behind them over the past year, and this success has made them hungry for more.”“In September it was reported by German authorities that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Dusseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment. No hospital or healthcare organization would want to experience a similar scenario, increasing the likelihood of the organization meeting the attacker’s demands in the hope of minimizing disruption,” the report said.The frequency of attacks rose the most in Central Europe, East Asia and Latin America, where they more than doubled. Europe and North America saw increases of 67% and 37%, respectively.The pandemic has encouraged an unprecedented increase in cyber-exploits seeking to compromise personal data, spread malware and steal money, including the registration of coronavirus-related malicious domains, the use of health topics in phishing and ransomware attacks, and even fraud advertisements offering COVID-19 vaccines for sale. The use of test-and-trace apps for tracking individuals present new opportunities for cyber-criminals to try to exploit, the report said.To prevent ransomware and phishing attacks, organizations should stay on the lookout for Trojan infections that can open the door to ransomware attacks days or weeks later; raise vigilance toward the weekend and holidays, when most ransomware attacks over the past year have taken place; use anti-ransomware solutions; educate employees about handling malicious emails; and use virtual patching of old systems when possible, Check Point recommended.
An Intrusion Prevention System (IPS) with virtual patching capability to prevent exploits to vulnerable systems is recommended when virtual patching is not possible, it said.