No One is Invisible to Ransomware Attacks: Cybercriminals Pinpointing Healthcare Organizations
In this challenging time, cybercriminals have their eyes on consumers and institutions alike. Malicious groups have increased their targeting of hospitals and healthcare entities to take advantage of deepening resource strain. Many of these groups are using ransomware attacks to compromise hospital systems, locking up patient records or vaccine research until a hefty ransom is paid. The requested sum is usually a high value of Bitcoin or alternative cryptocurrencies, as these are typically more difficult to trace.
However, unlike with old tax paperwork or private family photos, the impact of losing or mass distributing patient records could literally mean life or death for those awaiting urgent care or diagnosis. Bad actors count on this urgency to guarantee that their ransom is met.
Be wary of old tactics with a new twist
The tactics these cybercriminals use can be a combination of traditional phishing and vulnerability exploitation. Reportedly, the WHO has seen a twofold increase in phishing attacks by cybercriminals attempting to steal credentials. Some ransomware groups have stated they will avoid targeting hospitals given the current strain on healthcare systems. Still, claims from criminal organizations should be taken with a hefty grain of salt.
Keep your security up to date
In the meantime, McAfee Advanced Threat Research is closely monitoring new threats that aim to take advantage of the uncertainty surrounding the pandemic. The team has analyzed these threats based on geography, and will continue to report further findings. While these threats are not unexpected as cyber criminals always try to leverage large events to their advantage, it is disappointing to see at a time when the world needs to come together that there are those who have scant regard for the sense of community.
Stay ahead of malicious threats
Whether you’re a healthcare professional, family provider, or both, here are some tips that can help you stay ahead of malicious tactics being used to attack individuals and healthcare institutions.
- Secure your home network by checking your device passwords and Wi-Fi password. Make sure your system and software are all up to date, and take the time to perform pending updates.
- Avoid clicking on emails and texts from unknown senders. Be wary of any communication coming from “official” sources that encourage urgent actions on provided links or ask for your login credentials.
- Check in often with family and friends and be their technical advisor if needed to help steer them away from social engineering or spammy phishing. Consider using a free safe browser extension that can help steer you away from illegitimate sites.
- Be sure to set up robust security on devices that may now be seeing a lot more online time.
- Don’t forget your phone – stay protected from malicious apps and smishing/vishing attempts.