Cybercriminals launched a cyberattack against the US Health and Human Services (HHS) Department amid the coronavirus pandemic.
The attack on the health agency’s computer systems took place on 15 March and appears to have been a distributed denial of service (DDoS) attack.
This saw HHS’ servers overloaded with “millions” of hits over several hours in a move seemingly designed to cause disruption during the COVID-19 outbreak.
“On Sunday, we became aware of a significant increase in activity on HHS cyber infrastructure and are fully operational as we actively investigate the matter,” an HHS spokeswoman told Bloomberg, which first broke the news.
“We are coordinating with federal law enforcement and remain vigilant and focused on ensuring the integrity of our IT infrastructure.”
The US National Security Council is investigating and said HHS and federal networks are now functioning normally.
While there’s no word on the culprit, the attack is suspected to be the work of a foreign state.
Sam Curry, chief security officer at IT security firm Cybereason, described the HHS cyberattack as “horrendous”.
“Damage like this at this time is not ‘white hat’ or even ‘grey hat’. It’s dark as dark. It’s as bad as stealing generators, gas or food in a time of natural disaster,” he said.
“What breaches like this do is accelerate the virus potentially by making measures and controls not reach the people that need them. That means that this could directly lead to deaths.”
Marty Puranik, CEO of IT firm Atlantic.Net, said:
“It’s very difficult to fight multiple fires – the actual pandemic and reacting to data security procedures; that’s why it’s important to have those in place before volatile events occur.
“This shows that attackers will take advantage of any situation, even global emergencies, to profit for themselves and the importance of realising that attackers will try to take advantage of you when the chips are down.”
Criminals exploit coronavirus outbreak
The HHS cyberattack is the latest in a trend of cybercriminals taking advantage of the coronavirus outbreak, which has so far affected 189,000 people globally and caused 7,500 deaths.
These have ranged from phishing emails masquerading as a COVID-19 tax refund, to crooks impersonating the Centers for Disease Control and Prevention to ask for donations in Bitcoin.
“Attackers of all types – from cybercriminals seeking profits, to terrorists and others seeking disruption, and even nation states – will seek to hit their targets when they are distracted, striking when governments and businesses have their hands full with the pandemic response,” said Kevin Bocek, VP security strategy & threat intelligence at cybersecurity firm Venafi.
“Every organisation, from governments and banks through to payment providers, retailers or manufacturers must be on high alert for cyberattacks. Now is not the time to consider cybersecurity optional.”
Jonathan Knudsen, senior security strategist at cybersecurity company Synopsys, added: “Recent attacks on the United States Health and Human Services (HHS) Department are a reminder that software is a piece of critical infrastructure, just as much as healthcare, power, water, and the other sectors.
“Software is part of the fabric of society that many of us take for granted.”