Hacking groups are targeting hospitals and medical service providers with ransomware attacks as many struggle with the coronavirus pandemic.

In the last week, a health service district in Illinois and a hospital in the Czech Republic were targeted with ransomware disrupting services including coronavirus testing.

The Champaign Urbana Public Health District, which services 210,000 people including the University of Illinois, was taken offline March 10 by the MailTo (Netwalker) ransomware. Fortunately, the district had most of its services backed up in the cloud, with primarily its website affected by the attack.

MailTo (Netwalker) was first detected in August 2019 and is believed to have been used in the ransomware attack on Australian transport company Toll Group in February.

The second attack, far more insidious, involves the Brno University Hospital in the city of Brno in the Czech Republic. The second biggest hospital in the country, the ransomware was detected March 14 and caused computers across the hospital to shut down delaying surgery and coronavirus test results.

The form of attack was not immediately clear, but reports noted that files were unable to be accessed, suggesting that they had been encrypted in a ransomware attack.

“As if the healthcare sector didn’t already have enough to worry about right now, the recent attack on the Illinois Public Health Department underscores why cybersecurity and data protection can’t fall on the back burner during this outbreak,” Sam Roguine, a director at data protection firm Arcservce LLC, told SiliconANGLE. “Cybercriminals are extremely opportunistic – they’re working every angle of coronavirus to dupe victims into handing over credentials and downloading malware and now it appears they have their sights on the institutions responsible for the response to the pandemic.”

Other departments of health must stand ready and educate employees about the increased risk of ransomware attacks, he added, while also confirming they’re able to detect abnormalities on their network and implement a robust data backup and recovery strategy in the event they do fall victim to an attack.

The ransomware attacks on health providers come as the U.S. Department of Health and Human Services was targeted in a cyberattack over the weekend. The attack appears to have primarily consisted of a distributed-denial-of-service attack but also included “multiple incidents of cyber intrusion.”

Photo: Pan Hyde/Wikimedia Commons