Malware attack on hospitals is actually a global attack: Various cybersecurity experts have detected a cyber attack, in the form of coronavirus update. Cybercriminals sent Email messages as a part of a phishing campaign. Those emails contained links that made it possible for the victim to potentially infect hospital systems with ransomware.
Had these systems been infected, hospitals would have collapsed due to the inability to continue accessing their computer systems. Fortunately, the attack has not affected hospitals. But experts warn: it is actually part of a tragic global phishing attack. It uses the coronavirus update as an excuse to try to sneak into our computers.
Coronavirus update as a trap to install ransomware
Lets take a look at these coronavirus update emails. These emails have been reaching healthcare personnel for about a week. They invite the user to click on links to obtain more information about the pandemic. But these links act as a trap that causes the victim to unknowingly install ransomware called Netwalker
That ransomware would have caused the same effect that we saw for example almost three years ago with the WannaCry cyber attack. On that occasion, various companies around the world got their equipment and infrastructures blocked by ransomware. They demanded the payment of an amount in cryptocurrencies or otherwise users would not be able to unlock that equipment and access their data again.
Bernardo Quintero ( @bquintero ) of VirusTotal explained in his tweets that in reality, this theoretical cyberattack targeting hospitals is actually part of “an international campaign to distribute ransomware”.
Many are the phishing emails that are circulating globally. These emails disguise themselves as legitimate information to deceive all kinds of users. They infect computers with ransomware like NetWalker. Websites like this have appeared, which collect false messages so that those who suspect can compare what comes to them with those messages already confirmed as false.
Also read our article on China using robots and drones to combat coronavirus
Some cybercriminals have some ethics: they do not attack hospitals
Roman Ramirez is an expert in cybersecurity responsible for the well-known Rooted CON event. He explained that there are many criminal groups who are attacking different companies and groups with these emails and phishing scams. But luckily they also have some kind of ethics where they avoid attacking hospitals.
Several of those responsible for ransomware attacks such as the creators of the DoppelPaymer ransomware confessed that “they always try to avoid hospitals and nursing homes. “
In fact, if their cyberattacks end up affecting hospitals, they explained: “we will provide a data decryption code for free”. Although that exception did not affect the pharmaceutical companies. According to these cybercriminals “pharmaceutical companies earn a lot of extra money thanks to panic.”
The same thing happened with the creators of the Maze ransomware. They also indicated in a public statement that “we will stop all activity that goes against medical organizations until the situation with the virus stabilizes.”
Even the creators of Netwalker indicated that they had no such intention. “Hospitals and medical facilities? Do you think someone has a goal to attack hospitals? We don’t have that goal, it never has been. It’s a coincidence. No one would purposely try to hack a hospital.” Of course, if they are affected even by accident, they explained, “they will have to pay for the decryption [of the data].”