What happens when a healthcare agency is “infected”?
Happy Friday, everyone! Sometimes, I think about the irony of that greeting when I’m getting ready to introduce and review a cyber attack. But nonetheless, this week we have two attacks on our hands.
Amidst the COVID-19 outbreak, cyber criminals are not taking a day off; not even for a pandemic. Further, the victims this week happen to be two forms of health care agencies. The first is The Champaign Urbana Public Health District, based in Illinois. Their website, which provides much information and resources on COVID-19, became the target of a ransomware attack.
Here’s the Breakdown:
Who: The Champaign Urbana Public Health District
What: Netwalker ransomware attack on their website, knocking it offline.
When: Beginning of March
Now, CHUPD has set up an alternative website to carry them over until they are able to get their main site up and running.
Continuing on, the attacks didn’t stop there. The next victim of a cyber attack is the US Department of Health and Human Services. Once again, the HHS is a great source for millions of Americans to turn to for information on the Coronavirus.
To elaborate, their website faced a distributed denial of service or DDoS attack. What this means is that cyber criminals flooded the HHS site with packets in an attempt to bring the site down.
Here’s the Breakdown:
Who: The US Department of Health and Human Services
Where: Washington D.C.
What: Distributed denial of service or DdoS attack on their main website
The attack did not succeed in bringing the site down. But, the unwanted traffic did slow the site down enough to make an impact. The HHS released a statement regarding the attack. They noted that there was an attempted DdoS attack, but it was not completely successful. The attack is now under investigation.
All in all, I am not surprised to see attacks on healthcare agencies amidst the COVID-19 outbreak. Why wouldn’t a malicious criminal capitalize on the chaos and panic sweeping over the US right now?
In short, this also could be a sign for healthcare agencies to begin implementing stronger cyber security protocols and regulations. This would be a step in the right direction in order to secure their data, systems and websites.
By Taylor Ritchey