The INTERPOL (International Criminal Police Organisation) is warning of ransomware attacks against hospitals despite the currently ongoing Coronavirus outbreak.
Attackers are targeting organizations in the healthcare industry via malspam campaigns using malicious attachments. The attachments used as lure appear to be sent by health and government agencies, they promise to provide information on the Coronavirus pandemic and the way to avoid the contagion.
Some Ransomware operators have stated that they will no longer target health and medical organizations during the Coronavirus (COVID-19) pandemic.
Immediately after the beginning of the critical phase of the COVID19 pandemic, BleepingComputer reached out to the operators of the major ransomware gangs asking them if they would continue targeting hospitals.
Some of them like DoppelPaymer and Maze groups announced that they would no target healthcare organizations during the pandemic.
The gang behind the Ryuk ransomware goes against the tide and continues to target the hospitals, the group never responded to the questions of BleepingComputer researchers.
“Since then, BleepingComptuer has learned that Ryuk continues to target hospitals even while they are struggling to keep people alive during the Coronavirus pandemic.” reported BleepingComputer.
PeterM from Sophos confirmed that he is aware of a US health care provider that was hit with the Ryuk ransomware a couple of weeks ago.
According to experts from Group-IB, Russian-speaking threat actors targeted at least two companies in Western Europe in the pharmaceutical and manufacturing industries.
The tools used in the attacks were traced to Silence and TA505 – Russian-speaking financially-motivated groups.
A few days ago, Microsoft warned dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Microsoft urges hospitals and health care organizations to implement security measures to protect public-facing devices to increase their resilience to cyber attacks.
Microsoft has also published recently details about human-operated ransomware attacks that targeted organizations in various industries.
The INTERPOL now revealed that it had detected over the weekend a significant number of ransomware attacks against key organizations and infrastructure engaged in the virus response.
“INTERPOL has issued a warning to organizations at the forefront of the global response to the COVID-19 outbreak that have also become targets of ransomware attacks, which are designed to lock them out of their critical systems in an attempt to extort payments.” reads a press release published by the Interpol. “
“Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage; preventing them from accessing vital files and systems until a ransom is paid.
To support global efforts against this critical danger, INTERPOL has issued a Purple Notice alerting police in all its 194 member countries to the heightened ransomware threat.”
The Cybercrime Threat Response team also announced its efforts in monitoring all COVID-19-related threats, the police are working closely with private partners in the cybersecurity industry to gather information of cyber threats and provide support to organizations targeted by ransomware attacks.
“As hospitals and medical organizations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients,” said INTERPOL Secretary General Jürgen Stock.
“Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths. INTERPOL continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable,” added the INTERPOL Chief.
The INTERPOL recommends hospitals and healthcare organizations keep their systems and software up to date, and to implement an efficient backup policy.
Below the recommendations provided by the Interpol to hospitals and healthcare orgs to protect their systems from a ransomware attack:
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – ransomware, Coronavirus)
[adrotate banner=”5″]
[adrotate banner=”13″]
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and…
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement…
Healthcare service provider Kaiser Permanente disclosed a security breach that may impact 13.4 million individuals…
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over…
A ransomware attack on a Swedish logistics company Skanlog severely impacted the country's liquor supply. …
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities…
This website uses cookies.