Hospitals are favorite hostages of cybercriminals wielding ransomware. A key reason is healthcare providers’ willingness to pay ransom in exchange for the release of their mission-critical information systems.
However, a trend has emerged of evidently softhearted ransomware gangs swearing off hospitals during the COVID crisis.
Too good to be true?
“The promise not to attack hospitals was always an empty one, given the number of players in the ransomware game that would not restrain from it,” Erich Kron, a security awareness advocate with KnowBe4, tells the online outlet Threatpost. “Spanish hospitals were targeted by Netwalker campaigns using COVID-19 related messaging in the attacks although promising not to.”
Taking sweet-talking lawbreakers at their word is always a high-risk proposition, suggests Threatpost writer Tara Seals.
Therefore, like people under 40 assuming they’re infected with COVID before visiting older people, hospitals should behave like they’re already in cybercriminals’ crosshairs—and take aggressively defensive measures without delay.