Cyber threats to both the health care sector and average Americans have surged as hackers look to take advantage of the panic and chaos caused by the coronavirus crisis.
Major agencies including the Department of Health and Human Services (HHS) and the World Health Organization (WHO) have been targeted by hackers in unsuccessful but ongoing attacks.
{mosads}“There has been a big increase in targeting of the WHO and other cybersecurity incidents,” WHO chief information security officer Flavio Aggio told Reuters following an unsuccessful cyberattack this month. “There are no hard numbers, but such compromise attempts against us and the use of [WHO] impersonations to target others have more than doubled.”
Health agency websites have been targeted by ransomware attacks, including the website of the Champaign-Urbana Public Health District in Illinois, which serves around 200,000 people. The agency’s website was offline for several days while experts struggled to bring it back up, significantly limiting the ability of health officials to communicate with the public.
Following these incidents, Sen. Michael Bennet (D-Colo.) sent letters to HHS and other top health agencies asking them to allow the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) to investigate their cyber defenses.
“As this public health crisis continues, perhaps for several months, the security of these vital systems is critical to ensuring that our federal agencies responsible for public health can effectively support our response to the pandemic and continue to provide trusted and timely information to the American people,” Bennet wrote to the agencies.
For most Americans, the most worrying cybersecurity trend has been the spike in malicious phishing emails in relation to the coronavirus, with cyber criminals using concerns around the pandemic to steal data and blackmail individuals for money.
Researchers for cyber group Barracuda Networks this month found a 667 percent increase in phishing emails using the coronavirus to trick individuals into clicking links or downloading attachments that included computer viruses, such as ransomware that lock up computers and demands a ransom to unencrypt them.
Both the FBI and CISA have put out alerts warning Americans to watch out for these phishing emails while working from home. The FBI specifically urged caution for emails involving information on coronavirus relief checks from the stimulus package signed by President Trump and those from groups claiming to be the Centers for Disease Control and Prevention.
“Scammers are leveraging the COVID-19 pandemic to steal your money, your personal information, or both,” the FBI wrote in the alert. “Don’t let them.”