Authorities warn that hackers are targeting health care and essential services

Authorities warn that hackers are targeting health care and essential services
© Greg Nash

The top cybersecurity agencies in the United States and the United Kingdom on Tuesday warned that hackers are targeting health care organizations and essential services during the COVID-19 pandemic. 

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.K.’s National Cyber Security Centre (NCSC) put out a joint alert warning that advanced persistent threat (APT) groups are using the pandemic to zero in on vulnerable organizations involved in fighting the virus.

“APT actors are actively targeting organizations involved in both national and international COVID-19 responses,” the agencies wrote in the alert. “These organizations include healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments.”


The agencies warned that these groups were likely being targeted in order to steal intellectual property and intelligence, such as details on national and international health policies and COVID-19 research. 

Hackers are increasingly using “password spraying” to target the organizations, which involves an attacker using common passwords on many accounts repeatedly to gain access. 

“Organizations involved in COVID-19-related research are attractive targets for APT actors looking to obtain information for their domestic research efforts into COVID-19-related medicine,” CISA and the NCSC wrote. 

CISA Assistant Director of Cybersecurity Bryan Ware said in a statement that CISA was prioritizing cybersecurity assistance for health care groups. 

“The trusted and continuous cybersecurity collaboration CISA has with NCSC and industry partners plays a critical role in protecting the public and organizations, specifically during this time as healthcare organizations are working at maximum capacity,” Ware noted. 

Paul Chichester, the director of operations at the NCSC, said Tuesday that his agency was “fully focused on supporting the UK’s health and research services to defend themselves from cyber attack during the coronavirus outbreak.”

Chichester cautioned that the NCSC “can’t do this alone, and we recommend healthcare policy makers and researchers take our actionable steps to defend themselves from password spraying campaigns.” 

The two agencies warned last month in a separate alert that cyber criminals were stepping up efforts to target both health care organizations and those working at home, often using phishing emails or ransomware attacks, in which a system is locked up until an individual pays a ransom. 

Malicious cyber activity has increased across the board during the COVID-19 pandemic, with both the World Health Organization and the Department of Health and Human Services targeted by hackers. Hospitals have also become increasingly vulnerable to attacks.