Cybersecurity agencies warn of criminals targeting healthcare firms

Cybersecurity agencies in the UK and US have issued a joint warning to healthcare and medical research staff, urging them to improve their password security.

The two agencies say they have seen cybercriminals targeting healthcare bodies, particularly those involved in coronavirus response.

The UK’s National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) have issued an advisory urging staff to change any passwords to one created using three random words, and to implement two-factor authentication on accounts to reduce the threat of compromises.

The agencies say they have seen a number of “password spraying” attacks, where hackers attempt to access a large number of accounts using commonly known passwords, targeting healthcare organisations and other medical groups.

The two bodies said they believe criminals were targeting such organisations in the hope of gathering information related to the coronavirus outbreak.

Paul Chichester, NCSC director of operations, said: “Protecting the healthcare sector is the NCSC’s first and foremost priority at this time, and we’re working closely with the NHS to keep their systems safe.

“By prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response, we can inform them of any malicious activity and take the necessary steps to help them defend against it.

“But we can’t do this alone, and we recommend healthcare policymakers and researchers take our actionable steps to defend themselves from password-spraying campaigns.”

Last month, the NCSC launched its Suspicious Email Reporting Service, following an increase in the number of Covid-19-related email scams, which allows the public to forward emails directly to the centre in order to report suspected scams.

In its first week, the NCSC said the service received more than 25,000 reports, which resulted in 395 scam websites being taken down.

Bryan Ware, CISA assistant director of cybersecurity, said it was prioritising its services to healthcare organisations and other medical groups involved in fighting the coronavirus pandemic, so that those firms can focus on their response to the virus.

“The trusted and continuous cybersecurity collaboration CISA has with NCSC and industry partners plays a critical role in protecting the public and organisations, specifically during this time as healthcare organisations are working at maximum capacity,” he said.