In a recent incident, cybercriminals were seen imitating the website of the UK’s National Health Service (NHS) to infect the visitors with a trojan horse.
Some unknown hackers had created a clone of the NHS website to exploit the panic surrounding the coronavirus pandemic.
- The fake website claimed to offer information and advice about the treatment of coronavirus and urged visitors to download a file on their local system or device.
- The downloaded file happens to be a password stealing trojan, that scans the victim’s device for sensitive data like passwords, credit card data, and more.
- The trojan also creates a backdoor for the remote installation of additional malware by the attackers.
A frequent target
Due to its wide exposure through publicly accessible services, NHS has been a frequent target of cyber attacks and data leak incidents for several years.
- In January 2019, a BBC report suggested that the NHS in Cumbria has been hit by more than 150 cyberattacks in the past five years, while another report suggested that, in the same duration, 65 NHS Trusts witnessed around 209 cyberattack incidents.
- In October 2018, a report by DHS UK pointed out that the WannaCry cyber attack had cost the NHS around £92 million (approximately $114 million) while locking out 200,000 computers with red-lettered error messages.
Global healthcare sector facing the heat
Within the month of April 2020, several healthcare organizations across the globe have witnessed some form of a cybersecurity incident.
- Ambry Genetics Corporation, Beaumont Health, Aurora Medical Center, Meadville Medical Center, Doctors Community Hospital, Brandywine Counseling & Community Services, Inc., and many more have faced disruptions due to a ransomware attack, security breach, or data breach incident
- Several Czech hospitals in the eastern Czech cities of Olomouc and Ostrava, as well as several others, reported cyberattack attempts on their computer systems.
- Even the World Health Organization (WHO) is facing incresed cyberattacks due to a leak of 450 active WHO email addresses and passwords, putting the organization’s systems at risk.
Lacking strict action
Inspite of facing such threats, the healthcare sector still seems to be lacking a substantial direction towards strengthening security.
- One in every three NHS computers is still running Windows 7, for which Microsoft has announced End of Life, and no further patches will be released.
- NHS experts have already warned that the health service facilities are already stretched to their “breaking point”, and face a major risk of cyberattacks during this global epidemic situation.
The secure way ahead
To help prevent cyberattacks during the COVID-19 pandemic, the UK's National Cyber Security Centre (NCSC) and the US Department of Homeland Security's (DHS) Cybersecurity and Infrastructure Security Agency (CISA), have put forward a joint advisory:
- Avoid clicking on unknown links, especially those sent from unknown users, as it may infect the device with malware.
- Avoid opening emails from unknown users, especially those having attachments.
- Organizations can help users identify and report suspected phishing emails and avoid social engineering attacks by providing appropriate training and ‘How To’ guides.
- While using online communication tools, do not make meetings public. Instead, require a meeting password or use the waiting room feature and control the admittance of guests.