The INTERPOL (International Criminal Police Organisation) is warning of ransomware attacks against hospitals despite the currently ongoing Coronavirus outbreak.
Attackers are targeting organizations in the healthcare industry via
Some Ransomware operators have stated that they will no longer target health and medical organizations during the Coronavirus (COVID-19) pandemic.
Immediately after the beginning of the critical phase of the COVID19 pandemic, BleepingComputer reached out to the operators of the major ransomware gangs asking them if they would continue targeting hospitals.
The gang behind the Ryuk ransomware goes against the tide and continues to target the hospitals, the group never responded to the questions of BleepingComputer researchers.
“Since then, BleepingComptuer has learned that Ryuk continues to target hospitals even while they are struggling to keep people alive during the Coronavirus pandemic.” reported BleepingComputer.
PeterM from Sophos confirmed that he is aware of a US health care provider that was hit with the Ryuk ransomware a couple of weeks ago.
According to experts from Group-IB, Russian-speaking threat actors targeted at least two companies in Western Europe in the pharmaceutical and manufacturing industries.
A few days ago, Microsoft warned dozens of hospitals of the risks of ransomware attacks due to insecure VPN devices and gateways exposed online. Microsoft urges hospitals and health care organizations to implement security measures to protect public-facing devices to increase their resilience to cyber attacks.
Microsoft has also published recently details about human-operated ransomware attacks that targeted organizations in various industries.
The INTERPOL now revealed that it had detected over the weekend a significant number of ransomware attacks against key organizations and infrastructure engaged in the virus response.
“INTERPOL has issued a warning to organizations at the forefront of the global response to the COVID-19 outbreak that have also become targets of ransomware attacks, which are designed to lock them out of their critical systems in an attempt to extort payments.” reads a press release published by the Interpol. “
“Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage; preventing them from accessing vital files and systems until a ransom is paid.
To support global efforts against this critical danger, INTERPOL has issued a Purple Notice alerting police in all its 194 member countries to the heightened ransomware threat.”
The Cybercrime Threat Response team also announced its efforts in monitoring all COVID-19-related threats, the police are working closely with private partners in the cybersecurity industry to gather information of cyber threats and provide support to organizations targeted by ransomware attacks.
“As hospitals and medical organizations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients,” said INTERPOL Secretary General Jürgen Stock.
“Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths. INTERPOL continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable,” added the INTERPOL Chief.
The INTERPOL recommends hospitals and healthcare organizations keep their systems and software up to date, and to implement an efficient backup policy.
Below the recommendations provided by the Interpol to hospitals and healthcare orgs to protect their systems from a ransomware attack: