How hackers could cause a cyber doomsday during coronavirus pandemic – from shutting down hospitals to crashing banks – The Sun

THE hospital's blaring PA system urgently ordered all staff to shut down every computer on the site, as terrified new patients were turned away at the door.

Doctors at Brno University Hospital, Czech Republic, had no choice but to cancel surgeries and send patients elsewhere — the facility was being targeted by a devastating cyber attack.

⚠️ Read our coronavirus live blog for the latest news & updates

That despicable assault in March was just one of many cyber attacks targeting crucial medical services that have been launched during the coronavirus pandemic.

The ongoing global crisis presents a golden opportunity for cyber criminals to make millions selling stolen information ⁠— and for spy agencies looking to cause chaos in enemy states.

Last month, Interpol warned of a massive spike in digital attacks on hospitals and other key organisations.

A spokesperson said cybercriminals were using computer viruses "to hold hospitals and medical services digitally hostage, preventing them from accessing vital files and systems until a ransom is paid".

Worryingly, the surging cyber threat is also affecting the UK.

Earlier this month, Dominic Raab used his daily coronavirus press conference to slam hackers targeting research facilities, hospitals and pharmaceutical companies as Covid-19 wreaks havoc around Britain.

"There are various objectives and motivations that lie behind these attacks — from fraud on the one hand to espionage," the Foreign Secretary said.

“But they tend to be designed to steal bulk personal data, intellectual property and wider information that supports those aims."

Spies, criminal gangs, and fraudsters are all lining up to exploit the coronavirus crisis for their own criminal ends.

Here's how they could bring about a digital doomsday — from swiping our savings to crashing the banking system.

Gangs targeting vaccine secrets

With threats mounting in cyberspace, Raab specifically condemned "Advanced Persistent Threat (APT) groups — sophisticated networks of hackers who try to breach computer systems".

APTs can be highly technical state-sponsored crews capable of the most serious types of digital spying.

"The difference between APT and a normal cyber attack is that it’s advanced, targeted, and persistent," says Stephen Burke, a cyber security expert and CEO of Cyber Risk Aware.

"They are targeting specific organisations, specific individuals, or specific departments in specific sectors."

Nation states and criminal gangs seeking riches are already targeting researchers and organisations working on a vaccine for the coronavirus.

In the US, the FBI and Department of Homeland Security has formally accused China of launching cyber attacks on labs researching a potential Covid-19 vaccine.

"The potential theft of this information jeopardises the delivery of secure, effective, and efficient treatment options,” an FBI and DHS statement read.

Stephen says hackers know which scientists to target using OSINT or "open-source intelligence": information freely available through platforms like social media and article information.

These guys have zero empathy.

He suspects those who previously worked on the SARS epidemic in the early 2000s will be in the hackers' cross-hairs.

But it's not just spy agencies who will be launching cyber attacks.

"Large pharmaceutical companies are trying to look at what other companies are doing as well," Stephen says.

"It’s called corporate espionage, and let’s not sugarcoat it — that has been going on forever and an age.

"Is that suddenly going to stop now because everyone feels like we should all work together?"

Labs hit by cyber attacks will have to spend critical time and cash retrieving stolen intellectual property and vaccine research.

And that, ultimately, could lead to a delay in the successful development of a vaccine, causing untold lives to be lost.

Hospitals disrupted

It's not just the development of a vaccine that could be imperilled by cyber attacks.

Extremely sophisticated ransomware attacks could bring vast organisations, including those providing critical infrastructure, to their knees.

These attacks encrypt the data on a network so that the user can't access it until a Bitcoin ransom is paid to the hackers to decrypt the files again.

Fraudsters will use any opportunity they can to take money from innocent people.

In 2017, one of the biggest ransomware attacks of all time, WannaCry, infected over 200,000 computers — including those used by the NHS.

The attack, which is thought to have been launched by North Korea, ended up costing the NHS an eye-watering £92million to fix and led to the cancellation of 19,000 appointments.

And it was also a ransomware attack that took down the Czech hospital.

"These guys have zero empathy," Stephen says.

"Even during the start of this Covid pandemic, you had hospitals in the Czech Republic hit with ransomware."

Widespread disruption in the UK like the WannaCry attack could prove catastrophic as medics and politicians battle to keep the pandemic under control.

And there are already worrying attacks underway targeting critical infrastructure companies in Britain.

Interserve, which helped build the NHS Nightingale emergency hospital in Birmingham, and BAM Construct, which built hospitals in Yorkshire and the Humber, have both reported cyber attacks last week.

If medical networks go down, countless lives could be lost.

How to protect yourself from cyber attacks

There are a few simple things you can do to protect your devices and accounts from hackers.

  • Use the latest antivirus software
  • Delete out of date and risky software like Adobe's Flash
  • Update your system software whenever your operator recommends
  • Check your computer's fans aren't whirring even when you aren't running a large programme
  • Update your router's software when recommended
  • Changing your WiFi password from the default setting
  • Never use the same password twice and use a password manager to store your logins
  • Use a VPN when browsing the web
  • Beware potential phishing emails – never click a link or download an attachment from a suspicious email

Even more terrifying was an attempt to shut down Britain's energy system.

Elexon, which has a central role in the National Grid's infrastructure, said it was hit by a cyber attack on 14th April.

Blackouts could have horrific widespread consequences if communications systems are disrupted, powered heating systems fail, and refrigerated food supplies spoil.

Thankfully, the National Grid says it has "robust cybersecurity measures" to keep the lights on around the country — but it seems malicious actors are doing their best to shut them off, even in the pandemic.

Savings swiped

But as well as lives being lost, millions of ordinary people face being ripped off by cyber scammers.

As the economy hurtles towards the worst recession for 300 years, fraudsters are making the financial misery even worse for some people by exploiting the pandemic to hoodwink them out of their savings.

From the start of lockdown to May 15th, Action Fraud said 1,713 people had been the victims of coronavirus-related scams, losing a combined total of £3,534,983.

It’s like shooting fish in a barrel.

“Fraudsters will use any opportunity they can to take money from innocent people," said Superintendent Sanjay Andersen, Head of the National Fraud Intelligence Bureau.

"This includes exploiting tragedies and global emergencies."

Some of the evil schemes invited kind-hearted people to make donations to bogus charitable organisations.

Other fraudulent emails claim to have an attachment offering important information about the pandemic which, if the user downloads it, installs malware on their computer.

"It’s like shooting fish in a barrel," says Stephen Burke.

"People are super curious, very worried, and latching on to whatever bit of news is coming out.”

But even if people do still have their savings intact, cyber attacks are capable of disrupting the entire banking system.

The most expensive data on the dark web is medical data.

On New Year's Eve 2019, foreign currency exchange giant Travelex was blindsided by a vast ransomware attack that plunged the company into chaos for two weeks.

Some Travelex branches were forced to revert to pen and paper transactions while some customers were left in limbo, unable to collect hundreds of pounds of converted currency.

"That affected the entire banking system, because all the banks were relying on them from a foreign exchange perspective," Stephen says.

"That's critical infrastructure".

If international payments were hampered by a cyber attack, the consequences during the pandemic could be disastrous.

Vital supplies like PPE and medicine require international payments to be made easily.

If payments systems went down, delays to trade could end up costing lives.

Gigantic hack potential

Ironically, the technology put in place to really combat the pandemic could pose problems in and of itself.

A new NHS app is being trialled on the Isle of Wight to help fight the spread of the virus by using Bluetooth to warn people when they've come into close contact with Covid-19 patients.

But if the app is ultimately going to be rolled out nationally, security concerns have been raised about the nation's private medical data.

“This is of national importance," says Burke.

"This is such sensitive information — it’s medical information, it’s going to be highly sought after by cyber criminals.

"The most expensive data on the dark web is medical data."

That's because criminals can use medical information to create fake IDs, buy prescription-only drugs, and even run targeted scams exploiting the sick.

Ultimately, Stephen thinks private individuals and companies alike need to make sure they are aware of cyber scams and how to protect themselves against them.

And there's never been a time when we're more vulnerable than right now, in the midst of the coronavirus crisis.

"I think it’s just created a perfect storm," he says, "A perfect cyber storm”.


Don't miss the latest news and figures – and essential advice for you and your family.

To receive The Sun's Coronavirus newsletter in your inbox every tea time, sign up here.
To follow us on Facebook, simply 'Like' our Coronavirus page.
Get Britain's best-selling newspaper delivered to your smartphone or tablet each day – find out more.

Source: Read Full Article