Healthcare organizations all around the world are fighting the coronavirus pandemic, but they are fighting more than just the virus. While the healthcare industry is focused on public health and patient care, hackers are taking this opportunity to target them with all types of cyber attacks. Has the lack of cyber readiness finally caught up to the healthcare industry? Is it taking a global pandemic for healthcare organizations to face the facts: they need to improve their security hygiene once and for all?
HHS Network Targeted
The U.S. Department of Health and Human Services (HHS) was targeted in what looks like an attempt to overload its website with millions of hits. They detected a significant increase in activity on HHS cyber infrastructure, appearing to be an attempted Distributed Denial of Service (DDoS) attack. Fortunately, this attack was unsuccessful and no federal networks were impacted. HHS Secretary, Alex Azar, said, “We have extremely strong barriers, we had no penetration into our networks, no degradation of the functioning of our networks, we had no limitation on the ability or capacity of our people to telework, we’ve taken very strong defensive actions.”
Fake Coronavirus Map from Johns Hopkins
As hackers leverage our fear, they find new ways to deliver malware. In one of the latest attacks, an interactive map that reports on coronavirus infections and deaths, produced by Johns Hopkins, is being using maliciously. Brian Krebs reported, “Late last month, a member of several Russian language cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins interactive map as part of a Java-based malware deployment scheme.” The user believes they are using the legitimate map, but they’re actually spreading password-stealing malware.
Cybercriminals always latch onto the latest big news item, but usually by sensationalizing it. Now they've started spreading real-time, accurate data & interactive maps about the Coronavirus pandemic in a bid to infect computers with malicious software. https://t.co/ISm4Oec5Fx pic.twitter.com/7FOzrz5hdK
— briankrebs (@briankrebs) March 12, 2020
Ransomware on Illinois Public Health Network
On March 10, a ransomware attack on the Champaign-Urbana Public Health District in Illinois took down their website. The timing of this attack couldn’t be worse, as the organization needs to communicate critical and ongoing coronavirus updates. No critical systems, PHI, or ePHI were compromised during the attack and the website has since been restored – but an investigation did confirm that it was caused by Netwalker (MailTo) ransomware.
Your Cyber Readiness
Healthcare organizations are particularly vulnerable to cyber attacks on any given day, but especially during this time of unpredictability. Now that you’ve seen scenarios like the HHS defending its network versus Champaign-Urbana Public Health District’s network going down, it’s time to consider how your organization would respond. If you’re interested in testing your incident response plan, participating in pen testing, or consulting on your cyber readiness, we’re ready to help!