Fighting Coronavirus-Themed Ransomware and Malware

March 31, 2020

Cybercriminals and Nation-States Aim to Subvert Systems and Devices

(Data Breach Today) Attackers are continuing to use concerns over COVID-19 to distribute ransomware and malware, including for smartphones. The healthcare sector is perhaps at the greatest risk from these attacks because it’s serving as the front-line defense against the disease.

Likely culprits behind such attacks include the usual suspects: cybercrime operators looking to make a fast buck - for example, by demanding a ransom to unlock crypto-locked systems - as well as nation-states seeking to sow chaos.

Last weekend, for example, the U.S. Department of Health and Human Services saw increased scanning of its network and potentially a distributed denial-of-service attack.

“Expect increased attacks in the name of COVID-19, particularly against businesses involved in testing and treatment; it’s similar to other efforts to shortcut development by exfiltrating other’s intellectual property or research,” Lee Neely, a senior cyber analyst at Lawrence Livermore National Laboratory, said in a recent SANS Institute newsletter. “Verify your defenses, including monitoring and alerting capabilities, with an eye to operational impacts of increased numbers of remote workers, possibly even your SOC. Be prepared to alter your definition of normal due to modified working arrangements.”

Ransomware Continues to Target Healthcare

Despite the essential role healthcare organizations are playing in fighting the pandemic, the vast majority of criminals don’t appear to have steered clear of targeting the sector with ransomware attacks.

Potentially compounding the problem, ransomware attacks tend to spike in the spring and summer, security firm Emsisoft says.

“It is likely that there will be an increase in the number of healthcare providers impacted by ransomware in the coming months and, unfortunately, this increase may coincide with the peak of the COVID-19 outbreak,” it says in a blog post. “Further, the spikes may be more pronounced than in previous years due to security weaknesses resulting from hastily introduced work-from-home arrangements, personal device usage and staffing shortages.”

One potential challenge facing ransomware gangs is that fewer businesses and individuals may have the funds to pay their attackers off, even if they wanted to. That, in turn, could lead to ransomware gangs attempting to hit more targets to compensate, says British cybersecurity researcher Kevin Beaumont (@GossiTheDog).

For rest of article from Data Breach Today, click here.

Posted in: Cybersecurity