US government warns hackers may target hospitals for COVID-19 vaccine research, intellectual property

The U.S. Department for Homeland Security and the U.K. National Cyber Security Centre are warning hospitals and healthcare organizations that there could be an increase in cyberattacks targeting them to gain COVID-19 patient data.

The agencies previously sent an advisory on April 8 detailing how cybercriminals and advanced persistent threat groups were engaged in malicious activity related to the coronavirus pandemic; on May 5, they reported that APT actors are targeting healthcare organizations to collect bulk personal information. "The pandemic has likely raised additional requirements for APT actors to gather information related to COVID-19," the advisory states. "For example, actors may seek to obtain intelligence on national and international healthcare policy or to acquire sensitive data on COVID-19 related research."

Two U.S. officials reported to NBC News that "the increased amount of information hospitals are collecting on patients because of the pandemic, as well as any research that could lead to the development of a vaccine, is highly sought after by hackers working on behalf of foreign governments, including China's."

Several hospitals and health systems are engaged in national trials related to COVID-19 treatment and vaccines; they also have tremendous amounts of data about COVID-19 treatment and trends. The agencies reported investigating multiple incidents in which cybercriminals are targeting pharmaceutical companies and medical research organizations as well as universities to steal their data and intellectual property. The cybercriminals see the supply chain as a weak link that they can use to exploit targets.

The APT groups are also using password spraying campaigns to target healthcare organizations where they attempt to break into a system by using a single and commonly used password with several accounts. Using this technique can avoid account lockouts and often is undetected.

The NCSC compiled a list of frequently used passwords that attackers use here.

The agencies recommend updating VPNs, network infrastructure devices and other devices being used for remote work to make sure the software patches are updated. Multi-factor authentication can also reduce risk.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars