This weekend an article was published on the Interpol website outlining cyber-criminal activities being directed towards hospitals in Singapore during this unprecedented period and warning those organisations and companies on the front line in the fight against COVID-19 to be wary of ransomware attacks.
The world today is in the throes of a major crisis that has already claimed the lives of thousands whilst deeply affecting hundreds of thousands more, but unfortunately, following this weekend’s warning from Interpol, it seems that Coronavirus is not the only threat we are facing.
Recently, Interpol’s Cyber-crime Threat Response team based at its Cyber Fusion Centre, began to detect a large increase in the volume of ransomware attack attempts made against key figures currently engaged in the response against the virus.
According to the article, cyber-criminals are attempting to hold hospitals and medical services to digital ransom, using ransomware to prevent access to critical systems and files until a payment is made. As a result of this, and in order to support the worldwide response against it, Interpol issued a Purple Notice in all of its member countries and has prepared a robust response:
- The Cyber-crime Threat Response team is monitoring all threats and has assembled a team with private partners to gather information
- The team is working alongside police forces in its member countries
- First-hand technical support and protection advice is also being offered to member countries
- A list of suspicious internet domains related to Coronavirus / COVID-19 has been gathered and is being analysed and evaluated ahead of action possibly being taken
We asked Patrick Carolan, Technical Director / Certification Auditor / DPO at CRIBB Cyber Security, for his thoughts on the situation:
“Having worked in Cyber Security for many years, myself and the team here at CRIBB are no strangers to cyber-criminals taking advantage of difficult circumstances to cause chaos but this particular scenario is especially serious.
“The key things right now are prevention and mitigation; Interpol have been fairly swift in their response so now it is a question of stemming the ransomware attacks. From what I have heard, emails are the main cause behind the ransomware spreading so healthcare companies and hospitals all need to ensure that their hardware and software is up to date, plus they should be backing up all essential files. These should be stored separately from their main systems, too.”
A difficult time for the world just became a little more difficult, but if we all work together against these varied, common ‘aggressors’, then we have every chance of getting through.
CRIBB Cyber Security is part of theICEway ecosystem of companies, a collection of IT specialist brands that combine to provide a complete digital solution for the healthcare, cruise and travel and retail industries.
Glossary
Interpol – A.K.A. ‘The International Criminal Police Organisation’, an organisation that facilitates worldwide cooperation between police forces
COVID-19 – An illness affecting the lungs and airways that is caused by the coronavirus
Ransomware – A type of malware that prevents users from accessing their system and demands payment in exchange for regaining access
Interpol Purple Notice – Interpol uses colour-coded ‘Notices’ to define their activities; red, yellow, blue, black, green, orange and purple. Purple is used to describe the following activity:
“To seek or provide information on modus operandi, objects, devices and concealment methods used by criminals”
Top Tip(s)
If you are in healthcare, there are some initial steps you can take to protect your systems from a ransomware attack:
- Install the latest Anti-Virus Software on all systems and devices
- Secure your email systems
- Use strong passwords which are regularly updated
- Always back up important files and store them in a separate place to your system (such as the cloud)
- Only open emails or choose downloads from trusted sources
- If you see a link or an attachment in an email from an unknown sender, or one you were not expecting to receive, do not click on or open either
- Secure your email systems
As part of theICEway, the team at CRIBB Cyber Security have worked alongside IT teams in healthcare for many years and are happy to help with any query, large or small. Contact us today for more information…