Why hackers are attacking hospitals more and more often

Phishing and ransomware are two of the weapons most often used to target healthcare. Despite the delicate situation of health systems, cybercriminals attack hospitals, healthcare personnel and patients.

(photo: Antonio Masiello / Getty Images)

The 2020 pandemic, the rush to create vaccines to combat Covid-19 and the consequent global vaccination campaign have put the world of health in the spotlight, unfortunately also attracting, even more than in the past, the attention of cybercriminals.

In the healthcare environment, hackers have operated with little difficulty, relying on two techniques above all: phishing and targeted ransomware attacks.

The phishing technique

Phishing remains the weapon most used by cybercriminals to target individuals and large corporations. The purpose of this type of attack is to take possession of valuable personal data by deceiving the victim.

Taking advantage of the dramatic situation of 2020, fake institutional messages were delivered to millions of users’ mailboxes, inviting unsuspecting victims to visit the sites linked in the message on the pretext of staying updated on the developments of the pandemic or of receiving privileged access to the support bonuses provided by governments. The average user’s lack of attention maximizes the effectiveness of this attack method, which exploits small details that could deceive even the most attentive eye.

In fact, if we take for example the official website of the Italian Ministry of Health:

one of the most reliable and secure sources of health information in our country, it is possible to trick a user into clicking on a link that resembles the original one in every way.


Although the latter appears to be the same link indicated above, the letter “a” of the word “salute” has been replaced by the letter “а” of the Cyrillic alphabet, and this, depending on the font used, is a detail that even the most attentive can miss. In fact, the font used by Wired highlights this problem, since the two letters are indistinguishable. Copying the first link and pasting it into the URL bar leads to the official website of the Ministry of Health; copying the second instead redirects the user to a different site which, fortunately, providers have already taken steps to block as malicious and dangerous.

Changing a single letter within a link therefore allows victims to be diverted to a page totally different from the original one, perhaps disguised as a ministerial site, whose purpose is to steal personal data by deceiving the user who visits it.
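The single-letter substitution described above can be caught automatically before a link reaches a user. The following Python check is an added example, not part of the original article: it flags hostname labels whose letters mix scripts (for instance Latin and Cyrillic) and shows the punycode form that appears in DNS and proxy logs. The hostnames are constructed samples and the function names are hypothetical.

```python
import unicodedata

def to_unicode(host):
    """Decode xn-- (punycode) labels so both forms are inspected as Unicode."""
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host  # already contains non-ASCII characters

def label_scripts(label):
    """Scripts used by the letters of one label (first word of the Unicode name)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def audit_hostname(host):
    """Report labels whose letters come from more than one script."""
    uhost = to_unicode(host.strip().lower())
    findings = []
    for label in uhost.split("."):
        scripts = label_scripts(label)
        if len(scripts) > 1:
            odd = [(f"U+{ord(ch):04X}", unicodedata.name(ch, "UNKNOWN"))
                   for ch in label if ord(ch) > 127]
            findings.append({"label": label, "scripts": sorted(scripts), "non_ascii": odd})
    return {
        "host": uhost,
        "ascii": uhost.encode("idna").decode("ascii"),  # form seen in DNS and proxy logs
        "suspicious": bool(findings),
        "findings": findings,
    }

# Constructed sample hostnames (not taken from the article).
GENUINE = "www.salute.example"
LOOKALIKE = "www.s\u0430lute.example"  # U+0430 CYRILLIC SMALL LETTER A

if __name__ == "__main__":
    for h in (GENUINE, LOOKALIKE):
        r = audit_hostname(h)
        print(r["ascii"], "SUSPICIOUS" if r["suspicious"] else "ok", r["findings"])
```

A label written entirely in one non-Latin script passes this check, so mail and web filters usually pair it with an allowlist of the organization's genuine domains.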

The way of ransomware

Ransomware is the method cybercriminals prefer for attacking large companies in order to extort money. Ransomware is a computer virus capable of encrypting all the data on the infected system, which becomes unusable until the attackers release a decryption key.

A few weeks ago, this type of attack brought numerous hospitals in New Zealand and Ireland to their knees. In September 2020, a ransomware attack hit a hospital in Germany, forcing healthcare personnel to refuse all new patients and thus diverting an emergency ambulance to a different facility. This, however, caused the death of the patient the ambulance was carrying.

Examples like these highlight the danger of a ransomware attack towards health facilities.

“From a cybercriminal’s perspective, healthcare organizations are high-value targets for ransomware attacks, as they have the greatest motivation to pay to quickly restore their systems. By the very nature of their business, healthcare professionals often operate under time pressure, which leads to cursory clicking, downloading and managing emails, thus risking falling victim to socially engineered email attacks. Potentially vulnerable life-saving equipment and the visibility given to ransom payments made in the past further increase the attractiveness of this industry for ransomware distributors,” explains Loic Guezo, Director Cybersecurity Strategy Semea at Proofpoint, to Wired.

The disruptive and destructive nature of ransomware is impossible to ignore, but sadly the reality is that cybersecurity managers are simply not able to focus all their efforts on this one form of attack. Data from Proofpoint’s recent global research on Chief Information Security Officers (CISOs) shows how they feel targeted by a variety of different threats, but only 25% of public sector CISOs list ransomware as one of the top three perceived cyber threats.

However, a ransomware attack should certainly not be underestimated, especially in a delicate situation such as the one in which the world of global healthcare finds itself now.
