Read time: 3 minutes

Cyber attacks spike in healthcare amid COVID-19 second wave

By , ITWeb
South Africa , 11 Jan 2021

While many countries battle a second wave of COVID-19 infections, cyber criminals remain undeterred, with security firm Check Point witnessing a spike in attacks targeted at healthcare organisations.

Last year also saw cyber attacks targeted at companies and government organisations distributing COVID-19 vaccines.

Check Point says since its October 2020 report, which showed that hospitals and healthcare organisations had been targeted by a rising wave of ransomware attacks, cyber crime threats worsened over the past two months [November and December].

According to the Israeli security company, since the start of November 2020, there has been a further 45% increase in attacks targeting healthcare organisations globally.

This, it says, is more than double the overall increase in cyber attacks across all industry sectors worldwide seen during the same time.

Check Point adds that the average number of weekly attacks in the healthcare sector reached 626 per organisation in November, compared with 430 in October.

“The raise in attacks involves a range of vectors, including ransomware, botnets, remote code execution and DDoS attacks,” it notes. “However, ransomware shows the largest increase and is the biggest malware threat to healthcare organisations when compared to other industry sectors.

“Ransomware attacks against hospitals and related organisations are particularly damaging, because any disruption to their systems could affect their ability to deliver care, and endanger life – all this aggravated with the pressures these systems are facing trying to cope with the global increase in COVID-19 cases.

“This is precisely why criminals are specifically and callously targeting the healthcare sector – because they believe hospitals are more likely to meet their ransom demands,” states Check Point.

Check Point identified the “infamous” Ryuk as the main ransomware variant used in the majority of the attacks, followed by Sodinokibi.

Ryuk was first discovered in mid-2018. In 2020, Check Point Research monitored Ryuk activity globally and observed the increase of its use in attacks aimed at the healthcare sector.

“It is also important to note that unlike common ransomware attacks, which are widely distributed via massive spam campaigns and exploit kits, the attacks against hospitals and healthcare organisations using the Ryuk variant are specifically tailored and targeted.”

The major reason for the spike in attacks is financial, according to Check Point. “They are looking for large amounts of money, and fast. It seems that these attacks have paid off very well for the criminals behind them over the past year, and this success has made them hungry for more.”

It adds: “Hospitals are under tremendous pressure due to the ongoing rise in coronavirus cases and are willing to pay ransom so they can continue to provide care during this critical time.”

Daily newsletter