Interpol warns of increase in ransomware attacks against hospitals amid Covid-19 crisis

Cyber criminals are sending spear-phishing emails that claim to contain valuable information about the disease

Interpol has issued a 'purple notice' to alert police forces around the world of an increasing number of ransomware attacks targeting healthcare sector during on-going coronavirus crisis.

According to the global law-enforcement agency, ransomware groups are currently targeting hospitals and medical organisations in effort to lock the system admins out of the critical IT systems they need to fight the Covid-19 outbreak.

"Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage; preventing them from accessing vital files and systems until a ransom is paid," Interpol said.

"In response to this growing danger, the Cybercrime Threat Response team is monitoring all cyberthreats related to Covid-19, working closely with private partners in the cybersecurity industry to gather information and provide support to organisations targeted by ransomware."

According to Interpol, attacks from ransomware groups are often disguised as official advice from government agencies. Such messages (mostly spear-phishing emails) claim to contain information about coronavirus outbreak and encourage the recipients to open an attachment which actually contains malicious files.

After compromising the targeted network, the cyber criminals encrypt all machines on that network and lock the organisation out of those devices until a ransom is paid.

The agency said it is currently working with the cyber security industry to gather more information about the attacks that are likely to become more deadly as the response to coronavirus outbreak reaches a critical level across the world.

Interpol is also providing technical support to help protect critical medical infrastructure in various countries, and reviewing cyber crime threat data to assist law enforcement agencies to mitigate the risks.

Interpol recommends healthcare organisations to keep a back-up of their essential files and to also ensure that all the hardware and software they use is up to date.

The alert from Interpol has come at the time when the World Health Organisation (WHO) revealed last month that an elite group of hackers tried to infiltrate its networks in an attempt to steal sensitive information from the global health agency.

While the identity of the hackers could not be ascertained, some security experts believed that it could be the handiwork of 'DarkHotel' - a threat group that has been active since 2007 and has targeted several business entities and government agencies in various countries.

It also emerged last month that hackers suspected to have ties with the Iranian government were trying to break into personal email accounts of the WHO staff in a bid to steal information about the Covid-19 outbreak.

A cyber security expert working for an unnamed big tech firm told Reuters that they had also observed targeted attacks against various international health organisations in recent days that appeared to be the work of Iranian government-backed attackers.

The US Health and Human Services (HHS) Department also said in March that it had been hit by a cyber attack that seemed to be focused on hurting its ability to respond to coronavirus crisis.