Cybersecurity agencies warn of criminals targeting healthcare firms

Dominic Raab lashes out at ‘predatory’ hacking attacks on UK and US organisation battling coronavirus saying criminals and ‘hostile states’ are exploiting the crisis for their own ‘malicious ends’

  • Dominic Raab says criminals and ‘hostile states’ using crisis for their own ends
  • Cybersecurity agencies have urged staff to improve their password security
  • The agencies say they have seen a number of ‘password spraying’ attacks 
  • Hackers attempt to access accounts using commonly known passwords
  • Here’s how to help people impacted by Covid-19

Dominic Raab tonight lashed out at ‘predatory’ hackers targeting organisations involved in the fight against coronavirus.

The Foreign Secretary highlighted a surge in cyber attacks on the UK and US saying criminals and ‘hostile states’ were trying to take advantage of the crisis for their own ‘malicious ends’.

Taking the daily briefing in Downing Street, Mr Raab said the government was issuing urgent advice to help companies and bodies protect themselves.

The warning came as cybersecurity agencies on both sides of the Atlantic issued a joint alert to healthcare and medical research staff, urging them to improve their password security.

The agencies say they have seen cybercriminals targeting healthcare bodies, particularly those involved in coronavirus response.

In a message seemingly aimed at Russia and China tonight, Dominic Raab said while the ‘vast majority’ of nations have come together to defeat Covid-19 some will always ‘seek to exploit a crisis for their own criminal and hostile ends’

The UK’s National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory urging staff to change any passwords to one created using three random words, and to implement two-factor authentication on accounts to reduce the threat of compromises.

The agencies say they have seen a number of ‘password spraying’ attacks, where hackers attempt to access a large number of accounts using commonly known passwords, targeting healthcare organisations and other medical groups.

In a message seemingly aimed at Russia and China, Mr Raab said the ‘vast majority’ of nations have come together to defeat Covid-19 some will always ‘seek to exploit a crisis for their own criminal and hostile ends’.

‘We have clear evidence now that these criminal gangs are actively targeting national and international organisations which are responding to the Covid-19 pandemic which I have to say makes them particularly dangerous and venal at this time,’ he said.

‘Our teams have identified campaigns targeting healthcare bodies, pharmaceutical companies, research organisations and various different arms of local government.

‘There are various objectives and motivations that lie behind these attacks from fraud on one hand to espionage but they tend to be designed to steal bulk personal data, intellectual property and wider information that supports those aims and they’re with other state actors.’ 

Mr Raab said the predatory behaviour will ‘continue to evolve’ and advice will help targets better defend against cyber attacks from ‘hostile states’ and ‘criminal gangs’. 

The NCSC and the CISA said they believe criminals were targeting organisations in the hope of gathering information related to the coronavirus outbreak.

Paul Chichester, NCSC director of operations, said: ‘Protecting the healthcare sector is the NCSC’s first and foremost priority at this time, and we’re working closely with the NHS to keep their systems safe.

‘By prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response, we can inform them of any malicious activity and take the necessary steps to help them defend against it.

Last month the NCSC launched its Suspicious Email Reporting Service (Dominic Lipinski/PA)

‘But we can’t do this alone, and we recommend healthcare policymakers and researchers take our actionable steps to defend themselves from password-spraying campaigns.’

Last month, the NCSC launched its Suspicious Email Reporting Service, following an increase in the number of Covid-19-related email scams, which allows the public to forward emails directly to the centre in order to report suspected scams.

In its first week, the NCSC said the service received more than 25,000 reports, which resulted in 395 scam websites being taken down.

Bryan Ware, CISA assistant director of cybersecurity, said it was prioritising its services to healthcare organisations and other medical groups involved in fighting the coronavirus pandemic, so that those firms can focus on their response to the virus.

‘The trusted and continuous cybersecurity collaboration CISA has with NCSC and industry partners plays a critical role in protecting the public and organisations, specifically during this time as healthcare organisations are working at maximum capacity,’ he said.

Source: Read Full Article