Like opportunistic infections, bad actors are taking advantage of the stress and chaos of the COVID-19 pandemic to launch a wave of cyber attacks against everyday people, government agencies, and vulnerable healthcare institutions. But cyber security companies and white hat hackers are teaming up to present a unified front against the digital invaders.
In March, cyber criminals infected the website of Illinois’ Champaign-Urbana Public Health District with a ransomware called NetWalker, the News-Gazette reports. Ransomware holds computer systems hostage; the public health workers in Champaign-Urbana realized something was wrong when they were suddenly locked out of their own files.
That same month, Brno University Hospital in the Czech Republic, home to one of the country’s largest COVID-19 testing sites, had their computers knocked offline. Procedures were canceled and patients were shunted to new hospitals, according to Healthcare IT News.
The World Health Organization and U.S. Department of Health and Human Services have suffered cyber attacks, too.
Defending Against Cyber Attacks Amidst COVID-19
Groups like the CTI League — over a thousand volunteers strong and spread around the world — and the Cyber Alliance to Defend Our Healthcare are forming in response to the recent cyber attacks.
The extra help is needed, as healthcare IT workers find themselves stretched taut as a tennis racket by the COVID-19 pandemic.
“We were beginning to get calls from all over Europe in particular that there was a significant escalation in cyberattacks from March onward,” Andre Pienaar tells The Hill. Pienaar is the founder of C5 Capital, an investment firm whose portfolio is dedicated to the cyber defense space.
“We decided we had to do something to help, and launched the Cyber Alliance to Defend Our Healthcare, as part of a transatlantic effort to protect the crucial care provided by hospitals and clinics.”
The white hat hackers and cyber security companies are fending off an array of cyber attacks. CTI’s inaugural report describes their methods for defining and defending against phishing attacks — using fake emails as hooks for malware — and tackling misinformation.
The groups are working closely with law enforcement, The Hill reports, including the FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA).
Chris Krebs, the director of CISA, told The Hill in a statement that the CTI league has helped tell compromised network admins about their possible cyber attack, improve vulnerability management, and manage medical supply chain risks.
Krebs statement says the agency “looks forward” to working with groups like CTI.
With computer viruses on one side and coronaviruses on the other, public and private partnerships — in both the physical and digital domain — may be what it takes to keep systems and society from succumbing.