Interpol Warns Hospitals Of Spike In Ransomware Attacks

By Ben Kochman
Law360 is providing free access to its coronavirus coverage to make sure all members of the legal community have accurate information in this time of uncertainty and change. Use the form below to sign up for any of our weekly newsletters. Signing up for any of our section newsletters will opt you in to the weekly Coronavirus briefing.

Sign up for our Consumer Protection newsletter

You must correct or enter the following before you can sign up:

Select more newsletters to receive for free [+] Show less [-]

Thank You!



Law360 (April 6, 2020, 8:03 PM EDT) -- Cybercriminals are targeting overburdened hospitals during the COVID-19 pandemic by trying to lock them out of critical systems and extort them into paying ransoms, the international crime-fighting agency Interpol warned over the weekend.

The organization said on Saturday that its threat response team "has detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response," echoing a similar warning sent out last week by software giant Microsoft Corp

"As hospitals and medical organizations around the world are working nonstop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients," Interpol Secretary General Jürgen Stock said in a statement.

Interpol said that it has sent a "purple notice" to its 194 member countries about what it called a "heightened" ransomware threat amid the crisis. The organization is also assisting police with investigations into ransomware cases across the globe, providing technical support to member countries and collecting a list of suspicious internet domains related to COVID-19, it said in the statement. 

Cybersecurity experts have said that the spread of COVID-19 has brought with it a spike in data security incidents, as cybercriminals exploit vulnerabilities stemming from the pandemic, including distracted workers and stretched-thin IT staff.

Interpol advised health care providers and other companies to remind their employees to try to avoid falling victim to phishing attacks, which are designed to dupe workers into divulging login credentials, or otherwise downloading malicious software onto company systems.

Employees should only open emails or download software from trusted sources, and only click on links or download attachments from emails they expected to receive, Interpol said. Businesses should also be backing up important files frequently and storing them on separate computer systems, the organization added.

Interpol's warning comes days after Microsoft said that it had warned "several dozens" of hospitals it believes have vulnerabilities in their infrastructure, including in the virtual private networks that remote workers are increasingly using to connect to shared networks amid the coronavirus outbreak.

The company said it had seen evidence that the health care industry is "particularly exposed" to ransomware and other forms of cyberattacks during the virus response, as attackers exploit understandable fears for their own ends.

--Editing by Alanna Weissman.

For a reprint of this article, please contact reprints@law360.com.

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Beta
Ask a question!