
Friday, April 12, 2024

US, UK healthcare to fight cyber attacks besides Coronavirus

The United States and Britain have warned that organized criminals may step up cyberattacks against the health professionals involved in coronavirus response. The motives of perpetrators may vary from fraud to espionage.

Britain and the United States warned Tuesday of a rise in cyber attacks against health professionals involved in the coronavirus response by organised criminals “often linked with other state actors”.

The transatlantic allies’ cybersecurity agencies issued a joint warning to healthcare and medical research staff, urging them to improve their password security amid the threat.

Britain’s National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) said they had seen “malicious cyber campaigns targeting organisations involved in the coronavirus response”.


The two agencies added they had detected large-scale “password spraying” tactics — hackers trying to access accounts through commonly used passwords — aimed at healthcare bodies and medical research organisations.

British Foreign Secretary Dominic Raab echoed the warning at the daily Downing Street coronavirus press conference, noting perpetrators had “various objectives and motivations” — from fraud to espionage. 

“But they tend to be designed to steal bulk personal data, intellectual property and wider information that supports those aims. 

“And they’re often linked with other state actors,” he said.

In their joint warning, the NCSC and CISA said they had identified targeting of national and international healthcare bodies, pharmaceutical companies, research organisations, and local government.

They added “the likely aim” was gathering information related to the pandemic.

The report also suggested the involvement of hostile states in the attacks, noting that these advanced persistent threat (APT) actors target organisations to collect bulk personal information, intellectual property and intelligence that aligns with national priorities.

The agencies advised healthcare staff to change any password that might be guessed to one created with three random words, and to implement two-factor authentication to reduce the risk of being hacked.

Paul Chichester, NCSC Director of Operations, said his agency was “prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response”.


“But we can’t do this alone, and we recommend healthcare policy makers and researchers take our actionable steps to defend themselves from password spraying campaigns.”

Increased cyber attacks by state-backed hackers

Cyberattacks against health workers by state-backed hackers pose a serious threat to the security of those workers.

These malicious actors “frequently target organizations in order to collect bulk personal information, intellectual property and intelligence that aligns with national priorities,” according to the UK’s National Cyber Security Centre (NCSC) and the US Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA).

APTs are generally hacking groups sponsored by foreign governments and Monday’s alert suggests that supply chains may be especially vulnerable.

“Actors view supply chains as a weak link that they can exploit to obtain access to better protected targets. CISA and NCSC have seen ‘APT’ actors scanning the external web sites of targeted companies looking for vulnerabilities in unpatched software,” according to the advisory.

The new warning comes after CNN reported last month that the Trump administration is pointing the finger at China for attempting to steal coronavirus research amid a growing wave of cyberattacks by nation-states and criminal groups on US government agencies and medical institutions leading the pandemic response.

Hospitals, research laboratories, health care providers and pharmaceutical companies have all been hit, officials say, and the Department of Health and Human Services — which oversees the Centers for Disease Control and Prevention — has been struck by a surge of daily strikes, an official with direct knowledge of the attacks previously told CNN.

Monday’s advisory noted that security agencies in the US and UK “have seen large-scale ‘password spraying’ campaigns against healthcare bodies and medical research organizations.”

“Password spraying” is the attempt to access a large number of accounts using commonly known passwords, according to the joint statement released by NCSC and CISA.

“Protecting the healthcare sector is the NCSC’s first and foremost priority at this time, and we’re working closely with the NHS to keep their systems safe,” Paul Chichester, NCSC director of operations, said in a statement.

AFP with additional input by GVS News Desk