Covid-19 firefighting - health services under cyber-attack

News by Chandu Gopalakrishnan

A cyber-attack on the US HHS Department resulted in the circulation of false information about state action to contain the coronavirus outbreak and Czechs declare state of emergency after hospital attack

The US Health and Human Services (HHS) Department faced a cyber-attack late on Sunday, 15 March, resulting in the circulation of false information about state action to contain the Covid-19 (Coronavirus) outbreak, Bloomberg reported

The attempt to overload the HHS servers with millions of hits over several hours aimed at pulling the agency’s systems down, but failed, the report said citing three sources close to the development. 

“Text message rumors of a national #quarantine are FAKE. There is no national lockdown. @CDCgov has and will continue to post the latest guidance on #COVID19,” tweeted the US National Security Council after after false information on government’s coronavirus campaign started streaming in from the agency’s network 

The tweet partly meant to dismiss the false information circulating after the multi-level hacking, of which senior Trump administration officials were aware, the report said.

"Organisations should urgently consider implementing and promulgating a clear, centralised and consistent internal process to communicate all the events and precautions related to the coronavirus pandemic. Corporate cyber-security and security awareness should constitute an invaluable part of such communications, as cyber-criminals are profiteering from obscurity and uncertainty,” commented Ilia Kolochenko, founder and CEO Immuniweb. 

The administration is yet to attribute any perpetrator for the attack, in which no data was stolen or leaked, the report added. This is the latest in the stream of cyber-attacks riding on the wave of the Coronavirus scare across the globe.

Days after Czech Republic declared a state of national emergency, hackers attacked a hospital’s network, delaying dozens of coronavirus test results. Cyber-criminals have added the use of fake HIV test results to target insurance, healthcare, and pharmaceutical companies globally, SC Media Uk reported earlier.

“The attack on US Health & Human Services department is a clear sign that we’ll soon face a cyber-attack crisis in addition to the coronavirus pandemic. Attackers of all types – from cyber-criminals seeking profits, to terrorists and other seeking disruption, and even nation states will seek to hit their targets when they are distracted, striking when governments and businesses have their hands full with the pandemic response," warned Kevin Bocek, VP - security strategy and threat intelligence at Venafi.

“Coronavirus is a formidable and fairly unprecedented opportunity to trick panicking people amid the global havoc and mayhem. In light of the spiraling uncertainty and fake news, even experienced cyber-security professionals may get scammed by a well-crafted phishing email allegedly coming from a national health authority and involving his or her family or workplace,” said Kolochenko. 

It’s particularly worrying, as the race for digital transformation, DevOps, and the increase in cloud use have made the automated machine and software driven process increasingly vulnerable, added Bocek.

"We’ve seen hackers make use of persistent back doors using SSH machine identities in high-profile cases such as the attack on the Ukrainian power grid, or attackers hiding in encrypted traffic to breach Equifax because of expired TLS certificates, both of which are risks because of the cloud based, automated, remote working world that business is adopting. Security teams need to move quickly for the visibility, intelligence, and automation needed to protect machine identities and manage these threats.”

Complicating the matter is the presence of human judgement and emotions when it comes to pandemics such as Covid-19, noted Kolochenko. 

“The more emotions and personal matters the attackers leverage, the more successful their campaigns will likely be. The human factor remains the most burdensome to mitigate by technical means among the wide spectrum of organisational cyber-risks, and the Covid-19 connection makes victims particularly susceptible to thoughtless actions.”

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews