SECURITY
SECURITY
SECURITY
Ransomware targets hospitals and medical providers during coronavirus pandemic
Hacking groups are targeting hospitals and medical service providers with ransomware attacks as many struggle with the coronavirus pandemic.
In the last week, a health service district in Illinois and a hospital in the Czech Republic were targeted with ransomware disrupting services including coronavirus testing.
The Champaign Urbana Public Health District, which services 210,000 people including the University of Illinois, was taken offline March 10 by the MailTo (Netwalker) ransomware. Fortunately, the district had most of its services backed up in the cloud, with primarily its website affected by the attack.
MailTo (Netwalker) was first detected in August 2019 and is believed to have been used in the ransomware attack on Australian transport company Toll Group in February.
The second attack, far more insidious, involves the Brno University Hospital in the city of Brno in the Czech Republic. The second biggest hospital in the country, the ransomware was detected March 14 and caused computers across the hospital to shut down delaying surgery and coronavirus test results.
The form of attack was not immediately clear, but reports noted that files were unable to be accessed, suggesting that they had been encrypted in a ransomware attack.
“As if the healthcare sector didn’t already have enough to worry about right now, the recent attack on the Illinois Public Health Department underscores why cybersecurity and data protection can’t fall on the back burner during this outbreak,” Sam Roguine, a director at data protection firm Arcservce LLC, told SiliconANGLE. “Cybercriminals are extremely opportunistic – they’re working every angle of coronavirus to dupe victims into handing over credentials and downloading malware and now it appears they have their sights on the institutions responsible for the response to the pandemic.”
Other departments of health must stand ready and educate employees about the increased risk of ransomware attacks, he added, while also confirming they’re able to detect abnormalities on their network and implement a robust data backup and recovery strategy in the event they do fall victim to an attack.
The ransomware attacks on health providers come as the U.S. Department of Health and Human Services was targeted in a cyberattack over the weekend. The attack appears to have primarily consisted of a distributed-denial-of-service attack but also included “multiple incidents of cyber intrusion.”
Photo: Pan Hyde/Wikimedia Commons
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
