Hackers targeting hospitals and home workers


unsplash-logoDimitri Karastelev 

The global pandemic is helping cybercrooks launch ransomware attacks and conduct scams, a global technology services provider documented in a report out this week.

NTT said that its report:

“... reveals there has been a significant increase in cyberattacks in the wake of covid-19, as hackers seek to exploit coronavirus-related panic, along with vulnerabilities created by an increase in remote working.”

The company’s threat assessment concluded that:

“Covid-19 will continue to be used as a lure--especially since around 2,000 coronavirus-themed websites are created every day--and likely will be for the duration of the pandemic.”

Hackers have been impersonating trusted outfits like the World Health Organization and the US Centers for Disease Control and Prevention to install “information-stealing malware” on the victim’s computer. Others are sending out phishing emails offering to sell fake face masks, hand sanitiser and coronavirus tests.

According to the NTT report:

“Threat actors are also employing ransomware under the guise of security software. One new ransomware, called CoronaVirus, is being distributed via a site claiming to encourage the use of system optimization software from WiseCleaner.”

The healthcare sector itself has specifically been targeted. NTT stated:

“High-profile attacks have been launched against hospitals, the World Health Organization and a covid-19 test center.


“Hospitals in particular have experienced a wave of threats, at the exact time that their resources are focused on saving lives and handling an overflow of patients. Ransomware, encrypting applications and files until a ransom is paid, has been the main threat, along with attempts to steal financial information and patient medical records.”

NTT said it would donate IT security services to hospitals in several countries, including Luxembourg, which have experienced a cyberattack. The company said:

“Following an assessment, the service will include remote deployment of NTT’s Incident Response tools and then focus on containment and remediation of the attack.”

The offer started on Tuesday and lasts for 60 days.

NTT’s Global Threat Intelligence Centre published its April 2020 monthly threat report on 7 April.