Cybersecurity attacks targeting healthcare organizations amid the coronavirus pandemic have spiked globally, and since the start of November these attacks have surged 45 percent, Check Point Software Technologies said in a new report.
The average number of weekly attacks in the healthcare sector globally reached 626 in November, compared with 430 in October. This is more than double the overall increase in attacks seen in other industry sectors worldwide, which saw a 22% rise in attacks for the period, the report said.
In Israel, cybercrime against local medical institutions rose 25% to 813 attacks a week since November, compared to an average of 652 attacks a week previously, the report said.
Central Europe tops the list of regions impacted by the spike in attacks against healthcare organizations, with a 145% increase in November, followed by East Asia, which suffered a 137% increase, and Latin America with a 112% increase. Europe and North America saw 67% and 37% increases, respectively.
Regarding specific countries, Canada experienced the most dramatic increase with over a 250% uptick in attacks, followed by Germany with a 220% increase. Spain saw a doubling in attacks, the report said.
At the end of October, the Israeli cybersecurity firm reported that hospitals and healthcare organizations had been targeted by a rising wave of ransomware attacks, with the majority of attacks using the infamous Ryuk ransomware. This followed a Joint Cybersecurity Advisory issued by the Cybersecurity & Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) that warned in October of an “increased and imminent” cybercrime threat to US hospitals and healthcare providers.
This crime threat has worsened over the past two months, the Israeli cybersecurity firm said in a blog post published on Tuesday, with the range of attacks including ransomware, botnets, denial of service attacks and others, with ransomware posting the largest increase and becoming the biggest threat to healthcare organizations.
“Ransomware attacks against hospitals and related organizations are particularly damaging, because any disruption to their systems could affect their ability to deliver care, and endanger life – all this aggravated with the pressures these systems are facing trying to cope with the global increase in COVID-19 cases,” the authors of the blog wrote. That is exactly why hospitals are being targeted, they said — because the criminals believe that they will be more likely to meet the ransom demands due to the pressure they are under.
“The major motivation for threat actors with these attacks is financial,” the authors wrote. “They are looking for large amounts of money, and fast.”
The main ransomware variety used in attacks is Ryuk, followed by Sodinokibi.
The authors of the blog said that cybersecurity professionals should look out for infections within their networks; guard should be raised especially during weekends and holidays, when IT and security staff are less likely to be working and employees must be educated about how to handle malicious mail.
The coronavirus pandemic has vastly affected the cybersecurity landscape, the authors of the blog said, with an “unprecedented increase” in cyber-exploits seeking to compromise personal data, spread malware and steal money. There is also a spike in the registration of coronavirus-related malicious domains, and the use of coronavirus related topics for phishing and ransomware attacks, and even fraud advertisements, offering COVID vaccines for sale.