Interpol has warned that cyber criminals could step up the frequency of ransomware attacks aimed at hospitals and other healthcare institutions.
In an alert posted on its website on Saturday, Interpol warned healthcare organisations at the forefront of the global fight against the COVID-19 pandemic that it has detected a significant increase in the number of attempted ransomware attacks targeting healthcare organisations.
“As hospitals and medical organisations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients,” said Interpol Secretary General Jürgen Stock.
“Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths. INTERPOL continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable,” he added.
According to Interpol, hackers are using phishing emails as their weapons of choice to orchestrate ransomware attack. These emails often falsely claim to be sent from the government agencies containing guidelines regarding the Coronavirus and lure people to clink on malicious links or attachments.
To mitigate the risk of such ransomware attack, Interpol has encouraged hospitals and other healthcare organisations to keep their hardware and software updated. They have also advised to strengthen their security measures by keeping a back-up of all necessary files and storing them away from their main system.
Interpol has issued the following guidelines to healthcare institutions to protect themselves from ransomware attacks:
- Only open emails or download software/applications from trusted sources
- Do not click on links or open attachments in emails which you were not expecting to receive, or come from an unknown sender
- Secure email systems to protect from spam which could be infected
- Backup all important files frequently, and store them independently from your system (e.g. in the cloud, on an external drive)
- Ensure you have the latest anti-virus software installed on all systems and mobile devices, and that it is constantly running
- Use strong, unique passwords for all systems, and update them regularly.
Ransomware attacks amid the COVID-119 crisis could result in the loss of lives
Commenting on Interpole’s guidelines to healthcare organisations, Joseph Carson, Chief Security Scientist at Thycotic told TEISS “Cybercriminals will always attempt to take advantage of critical situations and COVID-19 is no different. At a time when medical staff are focused on saving lives, under extremely high stress and overworked they become vulnerable to cyberattacks that take advantage of the medical staff’s trust.
“Scams such as urgent access requests, promises of medical equipment or latest news and treatments of COVID-19 increase the risk that medical staff are sometimes simply one click away from giving a cybercriminal access to critical systems or installing ransomware that will lock up systems until a financial payment is made and in today’s current situation that means lives would be lost,” he added.
Marco Essomba, the founder of BlockAPT, told TEISS in March that when it comes to protecting healthcare and medical organisations, a defence-in-depth approach must be adopted to ensure that many layers of protection are in place in order to defend critical infrastructures as well as any sensitive digital assets.
“This begins with a strong and effective data backup strategy with regular tests conducted to ensure data confidentiality, integrity and availability remains fit for purpose if disaster strikes. Secondly, a robust endpoint protection solution must be deployed and combined with traditional malware protection and behaviour analysis to detect and deter even the most advanced malware attacks.
“Finally, it’s vital security technology controls such as regular vulnerability assessments, web application firewalls, network content scanners, network intrusion protection systems, and data leakage prevention systems are in place, to augment healthcare and medical organisations’ ability to defend better against even the most persistent ransomware operators,” he added.