The Rise in Cyber-Attacks Aimed at Healthcare Providers During COVID-19

An alarming amount of cyber offense incidents that target hospitals and healthcare providers hit the cybersecurity radar during the COVID-19 pandemic. The health systems that fall victim to such attacks are forced to cancel their services and lose patients (unfortunately, not merely to other healthcare providers). The scope of financial influx into healthcare during the COVID-19 outbreak attracts cybercriminals, and this tendency does not seem to be changing its course in the foreseeable future. One sure way to stay vigilant for ongoing threats within the niche is through the enhancement of your cybersecurity toolkit. SOC Prime platform is a one-stop shop for cybersecurity practitioners and enthusiasts to ensure they stay at the top of their game. It is the world’s first platform for collaborative cyber defense, threat hunting, and discovery that integrates with 20+ SIEM and XDR platforms. Moreover, powered up by a user-oriented tool, Uncoder.IO, one can translate queries on the fly in a single place without the need to switch to the SIEM environment.

In these turbulent days, much of the cybersecurity discussion centers on the importance of accepting the reality that a cyber-attack is almost certain to affect any healthcare provider at some point, Russian-roulette style. Fueled by grim statistics that the healthcare industry is expected to spend an astonishing $125 billion on cybersecurity from 2020 to 2025 comes an avalanche of wide-ranging hacks and data breaches launched in this sector.

This article provides an overview of the most worrisome cyber-attacks aimed at the healthcare industry in the course of the COVID-19 crisis.

65.7% of COVID-19-related threats being spam email.

One of the high-profile phishing cases in 2021 was an attack on American Anesthesiology, Inc, a key anesthesia services provider. Hackers gained access to the email system of the targeted company’s business partner, MEDNAX. Those email accounts exposed the personal data of American Anesthesiology’s clients, although the adversaries’ main goal was payroll fraud. The number of affected accounts far exceeded 1 million.

Starting with the launch of vaccines that protect from SARS-CoV-2, the virus that causes COVID-19, cybercriminals were keeping a close eye on the new horizons they were presented with. Most of the scam emails were mimicking health advice mailing, pushing questionable updates on vaccination. The top three most common email subjects (vaccine vendors may vary): Important Pfizer Vaccine Message for you; Moderna Vaccine Survey Response Needed; Johnson COVID-19 Survey Response Confirmation.

rose by more than 1,150% since 2018, reaching a record amount of more than $1 million by the end of 2021. The healthcare industry has been hit particularly hard since the COVID-19 set out on its global march in 2019.

In August 2021, PwnedPiper zero-day vulnerability was identified in a solution for pneumatic tube systems (PTS) used for biological samples and medications transportation. The system is crucial in a healthcare routine, utilized in more than 80% of hospitals in the U.S, and also can be found in quite a number of healthcare institutions worldwide. PwnedPiper allows for a complete takeover of the system control, enabling attackers to deploy ransomware and access sensitive hospital information.

One year before the PwnedPiper incident, OpenClinic patients test results were exposed due to four zero-day vulnerabilities, allowing remote code execution and patient data theft.

the most vulnerable industry since 2020, seeing continued growth in the number of ransomware incidents and well-orchestrated RaaS models attacks in 2021.

In September 2020, the Duesseldorf University Hospital was unable to receive a patient in a critical condition as it was under a ransomware attack that infected more than 30 internal servers. The patient was redirected to another hospital, 30 km away from the initial emergency destination, and did not make it. The delay in treatment was later acknowledged as not being a direct cause of the death but still a factor that affected the fatal outcome.

As noted, the pandemic’s ubiquitous influence has affected all industries. But the one that was particularly strained is, undoubtedly, healthcare. The number of cyber-attacks, especially high-profile ones targeting this sector, has skyrocketed, spelling new issues and challenges to deal with during the COVID-19 turmoil.