Experts Reaction On Red Cross Urges Halt To Cyberattacks On Healthcare Sector Amid COVID-19

By   ISBuzz Team
Writer , Information Security Buzz | May 27, 2020 01:29 am PST

The Red Cross has published a letter urging governments to take more decisive action against cyber attacks on healthcare infrastructure during Covid-19.

Notify of
2 Expert Comments
Oldest Most Voted
Inline Feedbacks
View all comments
Chris Clements
May 27, 2020 9:34 am

I suspect this will have little to no impact in stemming cybercrime operations for the foreseeable future. Protection from malicious computer attacks is not something that you can just flip a switch and resolve, it must start months or even years in advance. Further, government’s ability to protect organizations is quite limited. They could provide monetary grants to be used specifically for information security products and services, but those can be hard for already stressed medical IT staff to quickly implement.

Cybercrime has exploded in no small part because it’s a fairly low risk endeavor for attackers. Geographic distance and national boundaries make locating and bringing these criminals to justice a difficult proposition. Short of to using militaries to locate and drone strike cybercriminals I don’t expect them to change their calculous of risk.

There are several reasons why you can expect criminals to continue their campaigns:

1. The healthcare institutions they are targeting may be geographically distant from the attacker, nullifying any potential motivation of self-preservation.
2. An individual cybercriminal group may fear that if they hold off attacks, another attacker may beat them to the punch, cheating them out of potential ransom money.
3. Ransomware attackers are morally and ethically compromised.

Last edited 3 years ago by Chris Clements
Erich Kron
Erich Kron , Security Awareness Advocate
May 27, 2020 9:32 am

While the pleas put forth by these organizations are commended, it is doubtful they will make any impact in the attacks on health care facilities or employees. It is important to remember that we are dealing with criminals here and these criminals continually show a lack of compassion. Whether they are swindling the lifetime savings from the elderly or causing the collapse of small businesses through scams by taking advantage of natural or man-made disasters, their actions tell us how they will react to this plea for help.

When the pandemic began, several ransomware gangs stated that they would not attack health care facilities and that they would even give decryption keys to those accidentally hit. Those, however, were only a few of the large number of individuals and groups here to take advantage of this volatile situation.

Sadly, the only motivation these attackers would have to stop attacking would be their own compassion, a trait they have already shown to be lacking. While the national governments in the countries where some of these gangs live might possibly attempt to crack down on these criminals, unfortunately in many cases, the corrupt local governments or police forces will provide them with ample warning so as not to be hindered by any enforcement actions.

Although I am not hopeful that the bad actors will stop their attacks, I am hopeful that this message will demonstrate how serious things are, and perhaps cybersecurity providers will be willing to redouble efforts to help protect this vital industry that is currently struggling under the restrictions and load of the global pandemic by offering free or reduced cost services and products, even if only temporarily.

Last edited 3 years ago by Erich Kron

Recent Posts

Would love your thoughts, please comment.x