May 15, 2020

Ransomware attacks against hospitals are on the rise

Share Now on:
HTML EMBED:
COPY
Facilities working on coronavirus testing and vaccines appear to be targets.

This week, the FBI and Homeland Security warned that Chinese hackers are trying to break into U.S. companies and health organizations to steal research and intellectual property related to the coronavirus. International authorities have been warning for weeks that malicious hackers are stepping up ransomware attacks against hospitals and health care providers, breaking into networks and holding data hostage until the organizations pay. 

I dig into this in Quality Assurance, the segment where I take a deeper look at a big tech story. I spoke with Marketplace’s Scott Tong, who has been reporting on this from Washington, D.C. The following is an edited transcript of our conversation.

Scott Tong

Scott Tong: Interpol, the U.S. government, Google, Microsoft, have all come out and said there’s a lot more attempts to get into hospitals, health-care networks, drug companies working on a vaccine, all of that to take your data, steal it or lock it up so you can’t get access to it. It certainly seems like it is a heightened threat. There’s more going on.

Molly Wood: About these warnings, do we have a sense of what hackers are trying to get at when they attack these health-care organizations?

Tong: The warnings have not been very specific as to what they’re trying to get, but what [the authorities] say is be careful. If you are a company working on a new technology, a vaccine or testing technology, you should be worried, so it kind of implies that’s what the bad guys would naturally be after.

Wood: What are the attack methods?

Tong: One of them is the software to get somebody in a company [to] click the wrong thing. As I’ve spoken to some cyberanalysts, they say there’s a website that looks really similar to that Johns Hopkins global map of the coronavirus that so many of us have clicked on. If you click on the wrong thing there, then the malware gets into your computer. There’s also the fake emails, and some of them out there pretend to be from the boss of a company. Then there’s tools to get in just by hacking weak spots in a company network. There’s another one to roam inside the network to see what’s there, and another tool to lock up the data. Then, you can notify the people at the company, the organization, to say, “Well, you know what? You don’t have access to your data anymore. Now you have to pay.”

Wood: Do we have any sense of whether these organizations are more or less secure? Are they in any way equipped to deal with this at the same time that they’re dealing with a massive public-health crisis?

Tong: People who have watched this — and I’ve spoken to one person who actually negotiates on behalf of health-care organizations and hospitals when they get hacked in this way — and what they described is many hospitals in general, they don’t have the latest version of software. A lot of hospitals and diagnostic centers are running on Windows XP. They have a lot of people coming in and out, and they’re just crazy busy right now. Even though the authorities say, “You don’t want to pay the ransom because you’re rewarding bad behavior,” if you have lives to save, you might be a little bit more inclined to pay even if you’re not supposed to.

A screenshot of the dark web’s fake site that mimics Johns Hopkins’ coronavirus database. (Scott Tong/Marketplace)

Related links: More insight from Molly Wood

More information on that FBI and Homeland Security warning. Apparently, it is quite unusual for them to issue a joint statement. But TechCrunch notes that although the warning claims that China’s hacking efforts “pose a significant threat to our nation’s response to COVID-19,” neither organization immediately offered proof of those claims. They said they would release technical details soon. Reuters also reported last week that hackers tied to Iran had targeted the drugmaker Gilead, which makes the only antiviral drug that’s proven to help treat COVID-19. 

Earlier this week, I asked what you’re watching in quarantine. In pulpy fun, Kimberly in northeastern Ohio said she and her family have been watching “Royal Pains” on Netflix since the quarantine started. They’re now in the middle of season 5. Robert told us he’s being very highbrow and watching the complete filmography of Jean-Luc Godard. A lot of you said you’re watching cooking shows. Denise suggested Alton Brown’s YouTube show that he does with his wife on Tuesday nights. Tricia said YouTube also has a series called “Dave’s Coronavirus Isolation Cooking Show,” which has salty language and a catchy theme song. No one wrote in to say they were watching anything on Quibi, though.

I will send you into the weekend with a recommendation of my own. I just finished binge-watching “Upload” on Amazon Prime, which is about uploading your consciousness after you die and how that is gonna be big business. It’s very clever and funny. Although, I’m going to warn you that the season ends with a bit of a cliffhanger. The show has been renewed, but we have no idea if that means they’ve shot new episodes, or when they’ll be able to, so just choose wisely.

Listening makes you smarter…
donating makes it all possible.

Our mission is to raise the economic intelligence of the country, exploring the intersection of the economy, tech, and our daily lives. As a nonprofit news organization, we count on your support – now more than ever before.

Secure the future of public service journalism today when you become a Marketplace Investor.

The team

Molly Wood Host
Michael Lipkin Senior Producer
Stephanie Hughes Producer
Jesus Alvarado Assistant Producer