In light of the large influx of people with Covid-19 for treatment, hospitals and health care centers have become a popular target for computer hackers who use malicious software, especially for the purpose of financial extortion.
Information pirates are betting on the fact that these institutions will not risk refusing to pay ransoms and face potentially dire consequences for patients, while the epidemic begins to spread again in Europe and the United States.
An imminent cyber threat
The alarm rang on Wednesday after the Federal Bureau of Investigation (FBI) and the US Department of Interior and Health said they had reliable information indicating an “imminent cyber threat against US hospitals and health service providers.”
The United States has asked health institutions “to take adequate precautions quickly to protect their computer networks.”
Cyber attacks occur through the use of ransomware (“ransomware”), which is a type of malicious program that prevents access to a website or access to a computer until the victim sends an amount of money.
The University of Vermont hospital, which was affected by the attack, stated that it was cooperating with the authorities regarding a “cyber attack, confirming an impact on some of our systems” with “varying effects” on the care provided to patients.
Daniel dos Santos of the “Forskout” Foundation for Electronic Security said that about 400 hospitals have been the victims of piracy of their information systems in recent weeks in the United States and Britain. “Cutting care for sick people means people will die,” he added.
Weak information systems
And health sites cannot accept the fact that their information systems will be inaccessible for a longer period because that means returning to doing everything manually, “which may cause a significant slowdown” in providing services, the expert said.
The hospital sector has weak information systems because it uses medical devices, such as scanners, which are considered “weak links in the network” because it transmits data over insecure channels.
In a report, dos Santos and his colleagues pointed out that they discovered data on the Internet concerning three million American patients that “are unprotected and can be accessed by anyone after conducting searches.”
An investigation by the security firm Check Point showed that health care is the sector most targeted by hackers, so that their attacks on US institutions in October increased by 71%.
The company stated that there is also a sharp increase in cyber attacks on hospitals in Asia, Europe and the Middle East. The company confirmed that cyber attacks seeking extortion doubled in the third quarter compared to the first half of the year.
Many of these attacks use Ryuk malware linked to North Korean and Russian hackers.
Hacked by Trickbot
According to the US authorities, they use sophisticated tools, including “Trickbot”, which is a network of computers affected by an electronic virus.
Trickbot, which appeared in 2016 as a virus attacking banks, has now become what is called a “malware as a service” (“malware as a service”), which is a toolbox that cyber criminals rent for other hackers who want to infiltrate a particular network or carry out an attack electronic.
And the Canadian authorities warned through the “Cyber Center” in early October of the attacks of the Ryoke program “which affects many (public) entities, including municipalities and health and safety organizations in Canada and abroad.”
“The problem with ransomware is that it is getting worse. A solution must be found as soon as possible,” said Brett Callow of the electronic security company Emsisoft, calling for a ban on ransom payments. He added that this kind of attack “exists because it is profitable. If the tap of the money is closed, these attacks will stop and hospitals will not be in danger anymore.”