Cyber criminals aiming for vulnerable hospitals

Geplaatst op door
Oduber Hospital Aruba (credits Caribiana, CC BY-SA 4.0,  via Wikimedia Commons)

IT company Fox-IT and Dutch expertise center Z-CERT provide current threat information to hospitals free of charge. It concerns data about targeted ransomware attacks. This information helps hospitals to detect cyber criminals at an early stage and keep them out of critical infrastructures, Fox-IT says.

The help is timely and is also available to hospitals in the Caribbean part of the Kingdom. It is precisely now that hospitals and other healthcare institutions are under additional attack from cyber criminals, various experts warn.

“The activity of cyber criminals has increased in recent weeks. This increase can also be observed in the healthcare sector,” says Z-CERT. “Phishing campaigns are used to respond to people’s fears about COVID-19. Cyber ​​criminals also know that healthcare organizations are under pressure and want to take advantage of this. For example, this results in attackers launching ransomware faster than usual after entering an organization.”

Headlock

“The global spread of COVID-19 is keeping the whole world in a grip. Healthcare in particular plays a crucial role in making this crisis manageable,” says Fox-IT. “In addition to tireless employees in the health sector, well-functioning and adequately secured IT systems play a crucial role in guaranteeing continuity in health care. Unfortunately, even in these uncertain times, criminal groups continue to carry out attacks that could victimize healthcare organizations.”

According to the experts, the University Medical Center in Brno (Czech Republic) fell victim to a cyber attack in March this year. In Britain, a hacker group attacked the systems of the Hammersmith Medicines Research. Personal data of thousands of patients was stolen and published. In France and Spain, too, examples of several institutes and institutions known to have been attacked by cyber criminals are known.

And closer to home, the ransomware attack on the hospital in Aruba at the end of November last year is still fresh in our minds.

‘Perfect Storm’

Fox-IT and Z-CERT are certainly not alone in their warnings. The US security company RiskIQ investigated 127 ransomware attacks against hospitals in the US between 2016 and 2019. The findings were recently published in the report ‘Ransomware in Health Sector’, with the telling headline: ‘A Perfect Storm of New Targets and Methods’.

RisIQ saw a 35% increase in ransomware attacks on health institutions between 2016 and 2019. Of the total number of attacks investigated, 70% targeted smaller institutions, with a staff less than 500. The criminals would target the smaller institutions in particular because they are often more vulnerable and more likely to pay.

Teams

So vigilance is required. The information (so-called ‘Indicators of Compromise’) provided by Fox-IT and Z-CERT is about the main criminal groups and the methods they use. They also provide teams of specialized Threat Intelligence Analysts and Incident Responders. They can respond if there are general or urgent questions as a result of the report.

As mentioned, hospitals in the Caribbean part of the Kingdom can also request threat information. According to Fox-IT’s Chief Security Expert Frank Groenewegen, the data has since been shared with the hospital in Aruba and Bonaire. “Curaçao was not interested and indicated that it has its own security provider,” said Groenewegen. “Unfortunately we received no response from Sint Maarten.”

“At the moment, only Fundashon Mariadal on Bonaire is a member of Z-CERT. So they receive up-to-date threat information, advice and other services, ”adds a Z-CERT spokesperson when asked. “None of the other hospitals or care providers on the Leeward or Windward islands (including Saba and Statia, ed.) Are currently affiliated with Z-CERT.”

Hospitals that still want to receive current threat information can request this from Z-CERT or Fox-IT.

Fox-IT and Z-CERT

Z-CERT (Computer Emergency Response Ream for healthcare) was founded on the initiative of the Dutch Association of Hospitals (NVZ), the Dutch Federation of University Medical Centers (NFU) and GGZ Nederland (GGZ). Z-CERT is a foundation and has no profit motive.
www.z-cert.nl

Fox-IT was founded in the Netherlands in 1999 as a consultancy for forensic expertise. Fox-IT has been part of the NCC Group, an expert in the field of cyber security, since 2015. The NCC Group employs over 2,000 people for more than 15,000 customers worldwide.
www.fox-it.com/en/

(This article was previously published in Dutch, in the Antilliaans Dagblad of 13-05-2020)