One area that cybercriminals have tended to avoid, or at least not attack as regularly, has been the healthcare space. But does that mean threat actors have a moral code?
Cybercriminals tend not to care much about who or how they attack. They’re eager to earn money, and will stop at almost nothing in order to achieve that. They’ve been more than willing to capitalize on natural disasters, attacking people and taking advantage of them when they’re at their most vulnerable.
As a result, they’ve become rich, with some of the biggest cybercrime gangs netting millions every single year from their attacks. It’s become an entire industry, supported by an ecosystem that feeds the crime and propels it further into our lives, making more and more victims out of all of us.
While there have been plenty of attacks launched off the back of phishing texts and emails inviting people to book Covid vaccine appointments and more, those hackers have tended to steer clear of attacking those treating the most vulnerable during the time of the pandemic.
A moral compass
It’s evident that there is a moral compass among thieves. When healthcare systems were strained to their maximum, it appeared that hackers eased off their attacks on such systems. They had, of course, managed to catch them in their hacking dragnet before, with the UK’s National Health Service paying £92 million to fix the impact of WannaCry, the 2017 worldwide virus attack that took systems offline.
But since the coronavirus began spreading around the world, hackers have tended to avoid piling problems on top of already overstretched healthcare systems. Instead, they’ve focused on other targets. Until now.
Kroll’s latest Cyber Threat Landscape report (Q2 2022), released this month, has found that there has been a 90% increase in the number of healthcare organizations targeted by cyberattacks in comparison with Q1 2022. It's a sea change in hackers' approach to these things, they say.
The NHS, back under attack
And the breakdown of that uneasy détente is not visible only across the healthcare system in general. The UK’s National Health Service, which suffered so badly under the 2017 WannaCry attack, is once again struggling as it falls victim to a hack attack.
A ransomware attack launched against Advanced, a software supplier to the NHS, has caused catastrophic consequences for a health system already struggling to get back on an even keel after the pandemic. The problem has been huge because one of Advanced’s software packages is used by 85% of NHS 111 services, the non-urgent phone number that those who do not need an ambulance can call.
The attack on Advanced is believed to have affected five different pieces of software used in the NHS. Adastra is a clinical patient management software that impacts around 40 million patients. Caresys is a care home management software that helps over 1,000 care organizations, while Carenotes is an electronic patient record software used by over 40,000 clinicians. Also affected are Crosscare, a clinical management system for hospices and private practice used by over 70 adult and children’s hospices across the UK, and Staffplan, a care management software that helps over 1,000 care organizations.
So what’s changed? Some say that the gloves have come off because of a change in attitude towards Russia, where a good number of cyber criminals are based, following the country’s invasion of Ukraine. Four in five NHS trusts have seen a significant increase in attacks since the war there began, according to research company Armis. “Normally, what often happens in the cyber realm can be a consequence of something that happens in geopolitics, in the physical world,” Armis told the Telegraph.