Cyber-threats haunt health care sector amid coronavirus panic

Just three years ago, we got to see the destructive potential of a worldwide state-sponsored hacking attack during 2017's WannaCry outbreak.  The unprecedented cyber-event, which disabled around 200,000 systems in roughly 150 countries globally, was a sneak preview of the current status quo, where individuals and businesses are being hit by hackers on a daily basis.

One element of the WannaCry attack that particularly resonates today, as we navigate the coronavirus pandemic, was the way the ransomware affected what is perhaps our most vital services sector.

WannaCry set back the United Kingdom's National Health Service (NHS) £100 million and was responsible for the cancelation of over 19,000 individual medical appointments, according to the U.K.'s Department of Health.  This extreme level of damages was achieved despite the fact that the NHS wasn't specifically targeted by hackers during the attack.  Victims included a whopping one third of NHS hospitals and around eight percent of general practices.

In today's world, where seemingly every country is dealing with an outbreak of COVID-19, a similar attack could have catastrophic consequences.

Unfortunately, we are beginning to see the seeds of this kind of major attack already being planted globally, as the U.S. and U.K. recently issued a joint advisory warning of cyber-attacks against health care providers, pharmaceutical laboratories, medical research organizations, and others entities related to the medical field.

According to the advisory from the U.K.'s National Cyber Security Centre (NCSC), along with the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), "[t]he pandemic has likely raised additional requirements for APT actors to gather information related to COVID-19.  For example, actors may seek to obtain intelligence on national and international healthcare policy or acquire sensitive data on COVID-19 related research[.]"

Advanced persistent threats or APTs are threat actors that are usually sponsored by governments looking to make political or economic gains via hacking.  APTs engage in spying or theft in the national defense, legal and financial services, health care, telecommunication, and manufacturing industries, among others.

These threats are not coming from state-sponsored hackers exclusively, however.  A recent report from mid-May indicated that Romania's Directorate for Investigating Organized Crime and Terrorism (DIICOT) recently arrested members of a hacking group that was preparing to launch widespread ransomware attacks on Romanian hospitals.

DIICOT alleges that the hackers we set to send spear-phishing emails with bogus information about COVID-19 to hospitals, with the intent to "infect computers, encrypt files, and disrupt hospital activity."  According to Romanian news outlets that cited sources connected to DIICOT, the hackers were carrying out the attacks in protest of Romania's COVID-19 quarantine orders.

Other international hacking incidents include Iranian hackers attempting to breach the World Health Organization, while attackers linked to Vietnam have also targeted the communist Chinese government  as a result of its handling of the coronavirus outbreak.

If a situation similar to what the U.K. faced with WannaCry were to occur now, the effects in a major metropolis like New York City would be devastating, especially if there were to be a second surge in new coronavirus cases.

This nefarious activity has not been lost on private organizations, as in early May the Red Cross issued a letter to governments all over the world titled, "A Call to All Governments: Work Together Now to Stop Cyberattacks on the Healthcare Sector."  Part of the letter reads, "We call on the world's governments to take immediate and decisive action to stop all cyberattacks on hospitals, healthcare and medical research facilities, as well as on medical personnel and international public health organizations. To this end, governments should work together, including at the United Nations, to reaffirm and recommit to international rules that prohibit such actions."

As the coronavirus pandemic rages on, bad actors will continue use the confusion, panic, and associated fear to achieve their agendas, whether they be political, economic, or something else.  Now is a time for increased vigilance, as something as simple as opening an email could cripple the health care systems we rely on for life-saving services.  

Julio Rivera is a business and political strategist, the editorial director for the Reactionary Times, and a political commentator and columnist.  His writing, which is focused on cyber-security and politics, has been published by websites including The Hill, Real Clear Politics, Townhall, and American Thinker.

Just three years ago, we got to see the destructive potential of a worldwide state-sponsored hacking attack during 2017's WannaCry outbreak.  The unprecedented cyber-event, which disabled around 200,000 systems in roughly 150 countries globally, was a sneak preview of the current status quo, where individuals and businesses are being hit by hackers on a daily basis.

One element of the WannaCry attack that particularly resonates today, as we navigate the coronavirus pandemic, was the way the ransomware affected what is perhaps our most vital services sector.

WannaCry set back the United Kingdom's National Health Service (NHS) £100 million and was responsible for the cancelation of over 19,000 individual medical appointments, according to the U.K.'s Department of Health.  This extreme level of damages was achieved despite the fact that the NHS wasn't specifically targeted by hackers during the attack.  Victims included a whopping one third of NHS hospitals and around eight percent of general practices.

In today's world, where seemingly every country is dealing with an outbreak of COVID-19, a similar attack could have catastrophic consequences.

Unfortunately, we are beginning to see the seeds of this kind of major attack already being planted globally, as the U.S. and U.K. recently issued a joint advisory warning of cyber-attacks against health care providers, pharmaceutical laboratories, medical research organizations, and others entities related to the medical field.

According to the advisory from the U.K.'s National Cyber Security Centre (NCSC), along with the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), "[t]he pandemic has likely raised additional requirements for APT actors to gather information related to COVID-19.  For example, actors may seek to obtain intelligence on national and international healthcare policy or acquire sensitive data on COVID-19 related research[.]"

Advanced persistent threats or APTs are threat actors that are usually sponsored by governments looking to make political or economic gains via hacking.  APTs engage in spying or theft in the national defense, legal and financial services, health care, telecommunication, and manufacturing industries, among others.

These threats are not coming from state-sponsored hackers exclusively, however.  A recent report from mid-May indicated that Romania's Directorate for Investigating Organized Crime and Terrorism (DIICOT) recently arrested members of a hacking group that was preparing to launch widespread ransomware attacks on Romanian hospitals.

DIICOT alleges that the hackers we set to send spear-phishing emails with bogus information about COVID-19 to hospitals, with the intent to "infect computers, encrypt files, and disrupt hospital activity."  According to Romanian news outlets that cited sources connected to DIICOT, the hackers were carrying out the attacks in protest of Romania's COVID-19 quarantine orders.

Other international hacking incidents include Iranian hackers attempting to breach the World Health Organization, while attackers linked to Vietnam have also targeted the communist Chinese government  as a result of its handling of the coronavirus outbreak.

If a situation similar to what the U.K. faced with WannaCry were to occur now, the effects in a major metropolis like New York City would be devastating, especially if there were to be a second surge in new coronavirus cases.

This nefarious activity has not been lost on private organizations, as in early May the Red Cross issued a letter to governments all over the world titled, "A Call to All Governments: Work Together Now to Stop Cyberattacks on the Healthcare Sector."  Part of the letter reads, "We call on the world's governments to take immediate and decisive action to stop all cyberattacks on hospitals, healthcare and medical research facilities, as well as on medical personnel and international public health organizations. To this end, governments should work together, including at the United Nations, to reaffirm and recommit to international rules that prohibit such actions."

As the coronavirus pandemic rages on, bad actors will continue use the confusion, panic, and associated fear to achieve their agendas, whether they be political, economic, or something else.  Now is a time for increased vigilance, as something as simple as opening an email could cripple the health care systems we rely on for life-saving services.  

Julio Rivera is a business and political strategist, the editorial director for the Reactionary Times, and a political commentator and columnist.  His writing, which is focused on cyber-security and politics, has been published by websites including The Hill, Real Clear Politics, Townhall, and American Thinker.