Amid the slew of panic due to the global COVID-19 pandemic, cyberattacks on the Healthcare sector became an additional threat level and hurdle to overburdened hospitals, clinics, and research facilities. The attacks on the sector was so overwhelming that several leaders and companies in cybersecurity had come together to combat the cyberattacks, with the C5 Alliance being one of them. But even criminals can have a heart in trying times; several ransomware groups are coming forward to assure that they would hold back from attacking health organizations during the Coronavirus crisis.
Lawrence Abrams from Bleeping Computers reached out to the operators of the Maze, DoppelPaymer, Ryuk, Sodinokibi/REvil, PwndLocker, and Ako Ransomware infections to find out if they would cease to target Healthcare organizations during this time of dire crises.
Among the first ones to respond was DoppelPaymer Ransomware, an infamous human-operated ransomware cybercrime group who stated that they usually avoid attacking hospitals and nursing homes, while also stressing that if they attack governments, they also don’t touch 911 even though emergency communications are hit due to network misconfigurations. They also stated that if any Healthcare organization is hit by mistake, they would decrypt it for free.
Maze ransomware authors also responded stating that, “We also stop all activity versus all kinds of medical organizations until the stabilization of the situation with the virus.” At the time of writing, no other cyber criminals issued any statements.
On the background, according to the UN health agency, criminals were attempting to pose as WHO representatives in an effort to carry out a variety of scams, from account takeovers to phony donation requests, and the spread of malware. KrebsonSecurity also reported that an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious websites to spread malware.
The United States Computer Emergency Readiness Team (US-CERT) sent out alerts on scams tricking people into revealing personal information or donating to fraudulent charities, all under the pretext of helping to contain and manage the coronavirus. The Federal Trade Commission also warned about similar scams.