HACKERS TARGET HEALTHCARE

The top cybersecurity agencies in the United States and the United Kingdom on Tuesday warned that hackers are targeting health care organizations and essential services during the COVID-19 pandemic.

The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the U.K.’s National Cyber Security Centre (NCSC) put out a joint alert warning that advanced persistent threat (APT) groups are using the pandemic to zero in on vulnerable organizations involved in fighting the virus.

“APT actors are actively targeting organizations involved in both national and international COVID-19 responses,” the agencies wrote in the alert. “These organizations include healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments.”

What the hackers want: The agencies warned that these groups were likely being targeted in order to steal intellectual property and intelligence, such as details on national and international health policies and COVID-19 research.

Hackers are increasingly using “password spraying” to target the organizations, which involves an attacker using common passwords on many accounts repeatedly to gain access.

“Organizations involved in COVID-19-related research are attractive targets for APT actors looking to obtain information for their domestic research efforts into COVID-19-related medicine,” CISA and the NCSC wrote.