There is no doubt we are living through the most difficult time in medicine in modern history. The coronavirus pandemic has been so catastrophic, infecting doctors and nurses, killing them as they try to help get the virus under control to no avail. The situation has just become much worse, as United States federal officials have warned of “increased and imminent” cyberattacks on hospitals and healthcare providers.
Threatened Cyberattacks on Hospitals
The health care crisis has been crippling to society as a whole throughout the world. It’s killed 225,000 people in the U.S. alone and is currently working its way through its third surge. Not only has it killed people, but it’s also killed the economy with so many businesses closing and people being out of work.
It could get much worse. While health-care professionals are putting everything they can into an effort to end the pandemic, an advisory memo was sent by federal officials. It warned of an “increased and imminent cybercrime threat” to hospitals and health-care providers throughout the country.
The FBI, the Department of Health and Human Services, and the Cybersecurity and Infrastructure Security Agency worked together to issue the memo jointly. The reasons why they are foreseeing an increased assault on the medical industry is not explained. Yet, it does say the purpose of this is financial gain.
It could not be a worse time for cyberattacks to hit hospitals, with the numbers of COVID-19 at its worst and increasing exponentially.
One way the cybercriminals are attempting to impose harm to hospital IT systems is through the trojan Trickbot. It takes over control of web browsers and intercepts their credentials, then uses those same machines as part of a botnet.
Microsoft, after issuing a similar warning, disabled the command and control servers behind Trickbot last month. In doing so, the company estimated that it took about 1 million affected machines from being able to cause further harm.
The trojans can be coordinated to work alongside Ryuk, a popular ransomware that was created to use encryption to hold networks hostage until the network owners paid up. Ransomware has affected hospitals and other crucial industries before. Cybersecurity experts estimated months ago that the average Ryuk attack demanded around $1.3 million.
The Affected Hospitals
A doctor at one of the hospitals hit by the cyberattacks said the facility was forced to go down to using pen and paper for all its operations after the attack. This prevented the health-care workers from updating patient records. Under normal circumstances, that could lead to many life-or-death situations, but during a pandemic, it reaches epic proportions.
The federal agencies are not recommending that the hospitals pay the ransoms, even if it’s a possibility for them.
“Payment does not guarantee files will be recovered,” said the memo. “It may also embolden adversaries to target additional organizations, encourage other criminal actors, or engage in the distribution of ransomware, and/or fund illicit activities.”
What the agencies are suggesting hospitals do is keep their systems up to date, make local offline copies of data, and do what everyone should do to avoid cyberattacks. This includes changing passwords, using two-factor authentication, and backing up data,
It’s also suggested that hospitals throughout the U.S. educate themselves and learn what phishing scams look like to avoid them. Education is key.
Read on to learn about the warning Europol sent of an increase in cyberattacks during the pandemic.