For the average, law-abiding person, the coronavirus COVID-19 is simply a health hazard. Unfortunately, some cybercriminals perceive the epidemic as an additional opportunity to launch a cyberattack. Right now, medical organizations need qualified information infrastructure protection as never before.<\/p>\n
Taking advantage of widespread public fears about COVID-19, phishers began to use the topic as a hook. That\u2019s maybe half the trouble \u2014 without the coronovirus, they would have used something else. But consider opportunistic cybercriminals attacking the information infrastructure of medical institutions, obviously hoping that with the general overload on IT services, they\u2019ll have an easier time breaking in to clinics\u2019 networks.<\/p>\n
A clinic in the Czech city of Brno reported a cyberattack last week<\/a>. It hasn\u2019t disclosed details of the incident, but hospital representatives say the attack caused database problems. The hospital can examine patients but cannot save medical data to the server, and the clinic had to cancel several operations and redirect patients to other institutions. However, the University Hospital in Brno is one of the largest Czech centers for coronavirus testing, making incident management a matter of life or death.<\/p>\n The US Health and Human Services Department (HHS) apparently also suffered a cyberattack on the evening of Sunday, March 13. Bloomberg<\/em> reported it<\/a> as a massive DDoS attack meant to sabotage the normal operation of HHS servers, \u201cundermining the response to the coronavirus pandemic.\u201d With the agency needed to coordinate efforts to counter the coronavirus, such an attack can do much more damage than usual.<\/p>\n We have been monitoring cases of coronavirus-related phishing<\/a> for several weeks now, and Sky News<\/em><\/a> recently wrote about a rather unusual phishing campaign aimed specifically at medical personnel \u2014 one that\u2019s been getting through medical organizations\u2019 internal IT controls. The letters seemed to be announcing a seminar on coronavirus, and they contained a registration link. That link led to a phishing page disguised as Microsoft\u2019s Outlook Web App, where attackers were collecting login credentials. Where and how cybercriminals will use this data is yet unknown.<\/p>\n We believe that in so difficult a time, medical workers should not be disturbed. Their jobs are to protect us from the coronavirus. Therefore, Kaspersky decided to facilitate the protection of medical institutions against cyberthreats. We\u2019re offering free six-month licenses for our solutions to health-care companies around the world. This offer applies to the following products:<\/p>\nUS Health and Human Services Department<\/h3>\n
UK worker credential phishing<\/h3>\n
Protecting health-care organizations<\/h2>\n
\n