The rising number of ransomware attacks against the healthcare sector

Those who today know Maria, a contagiously happy young woman, cannot imagine the hardships she has faced in life. When she was younger, she went through a very traumatic experience that would forever change her perception of the world, and encourage her to dedicate each day of her life to one goal: fighting cybercrime. And it all started when her best friend, a seasoned journalist, was hospitalized after being diagnosed with a rare and serious disease.

Maria usually visited him twice a week and, one day, when arriving at the hospital, she was surprised to see there was a generalized panic. Cybercriminals had contaminated local computers and systems with ransomware and were asking for a huge amount of cryptocurrency to restore access. The malware infection caused general breakdowns at the hospital, including power outages. The medical team was unable to access electronic medical records.

The young woman witnessed not only her best friend but also several other patients agonizing in pain because the hospital equipment, which was vital for their treatment, had stopped working. These were hours of great despair and uncertainty. With no better options, the medical entity was forced to pay the criminals to restore the full functioning of the critical machinery. Her colleague survived, and, after adopting the name Lenda, he founded Hackers Rangers to fight cybercrime.

Without blinking an eye, Maria decided to be the first to join the team, with the promise of doing everything in her power to make sure this would never happen again.

The preferred target

Since the beginning of the new coronavirus pandemic (SARS-CoV2), the number of cyberattacks against the healthcare sector has increased exponentially. Unscrupulous cybercriminals know that, in most cases, these institutions are not prepared to deal with these incidents — they do not back up their data and use legacy equipment (old and full of easily  exploitable vulnerabilities) connected to the Internet. It's easy to invade these networks and cause serious damage that goes beyond the threshold between the digital and the physical world: a few hours without machinery poses a real risk to patients' lives.

As recently as May, the entire public health system in Ireland fell victim to Conti, a ransomware-as-a-service also known as RaaS. This type of malware is run by an organized gang, and is “licensed” to other criminals interested in using it to attack their preferred targets. Although the hijackers initially requested $20 million in ransom to restore access to the systems, they fortunately give away a tool that the authorities ended up using to decrypt the affected systems and machines.

Regardless, the perpetrators continued trying to extort the Irish government, threatening to leak patient data that was stolen during the invasion. "You must understand that we will sell or publish loads of private data if you don't contact us and try to resolve the situation", the criminals warned Stephen Donnelly, Ireland's Health Minister. Mr. Donnelly, on the other hand, assured that "no ransom has been paid by this government, either directly, indirectly, through third parties or in any other way".

A global problem

Conti is just one of the numerous strains of RaaS that are active around the world. Aware of the incident, the US Federal Bureau of Investigation (FBI) warned that, in the US alone, criminals attacked at least 16 hospitals in the past few months. If we expand Conti's victims to include companies of all segments and around the globe, more than 400 organizations have been harmed by evildoers.

For Maria, investing in raising cybersecurity awareness is the key to preventing more people from being affected by these incidents. “Cybercriminals use phishing and other social engineering scams to spread these viruses and infect hospital networks. All employees – from clerks to directors – must know how to protect themselves, which includes not clicking on suspicious links or opening dubious email attachments”, she warns.

How about learning a little more about our dear Maria?

Maria, the most outgoing superheroine on the Hacker Rangers team, is twenty years old and adores bakery sweets, pop music, and Japanese manga. Always cheerful and persistent, Maria hates rude and insensitive people. What she enjoys doing the most in her free time is street dancing — and she's very good at it! Ever since the incident with her best friend, Maria has sworn that she would go out of her way to protect people from cybercriminals by raising cybersecurity awareness.

— "Joy is not in things, it is in us." (Maria, Hacker Rangers)

Article translated from: Cresce o número de ataques de ransomware contra o setor hospitalar — Perallis Security