Hackers Attack a Medical Center Responsible for COVID-19 Vaccine Trials
While honest, hard-working people are asked to stay at home in order to prevent the spread of the terrible COVID-19 virus, the hackers are as busy as ever. If anything, the coronavirus outbreak has opened new opportunities for them to exploit people's fears and the general state of panic that has engulfed many in these trying times.
Over the last few weeks, numerous schemes were set into motion that use the pandemic in order to trick people into infecting their computers with malware or giving away their personal information. This much was to be expected. Global events that affect thousands often become instrumental in well-socially engineered online scams. What was also to be expected, however, was that the cybercriminals would show a bit of common sense and would try not to disrupt the work of the people who are battling the infectious disease. As it turns out, we were expecting too much.
A medical research center gets hit by the Maze ransomware
On March 14, the operators of the Maze ransomware compromised the IT systems and encrypted data that belongs to Hammersmith Medicines Research, Ltd., a UK-based medical research company. Normally, businesses hit by ransomware are severely affected, and when the target is a healthcare organization, patients often see the consequences all too clearly as well. When you learn what Hammersmith Medicines Research does, however, you'll see that the attack could have impacted a much larger number of people.
According to SiliconAngle.com, in the past, Hammersmith Medicines Research has worked on developing a vaccine for Ebola as well as various drugs that treat diseases like Alzheimer's. Like all healthcare organizations, it too, is involved in the fight against the new coronavirus. In fact, SiliconAngle wrote that it "is set to carry out trials of a possible vaccine for COVID-19." With their cyberattack, the hackers put these trials at risk and threatened to delay a vaccine that could stop what has been described as one of the most rapidly spreading viruses in the world.
We're happy to report that Hammersmith Medicines Research was relatively well-prepared. The research facility had backups from which it restored the data and quickly brought everything back to normal. Unfortunately, this wasn't the end of the story.
The Maze ransomware gang leak patients' sensitive data
Those of you who follow the ransomware scene closely might have noticed a new trend that emerged a few months ago. Ransomware gangs have been mostly aiming their attacks at organizations rather than individual users for a while now, but one of the problems they've faced is that like Hammersmith Medicines Research, quite a few companies keep fresh, working backups of their important data and refuse to pay the ransom. To give themselves more blackmail leverage, ransomware operators started stealing data in addition to encrypting it. Organizations who refuse to pay the ransom are now told that if they don't comply, the data will be publicly leaked.
This is exactly what happened with Hammersmith Medicines Research. According to ComputerWeekly.com, after the healthcare organization made it clear that it won't cave in to the hackers' demands, the crooks leaked copies of passports, driving licenses, and national insurance numbers of more than 2,300 patients along with some medical questionnaires.
As usual, in the end, it was unsuspecting people that suffered the most.
Is common sense prevailing among crooks?
The Maze ransomware and its operators have gained quite a lot of popularity over the last few months. The fact that they're following through on their threats to leak information stolen from their victims goes to show that they are completely ruthless. Nevertheless, even they seem to have realized that the coronavirus pandemic that the world is fighting against is no joke.
Last week, they issued an "official press released" and announced that they will stop all attacks on medical organizations until the pandemic is over. Obviously, it would have been even nicer if they announced that they're about to pursue a different career entirely, but even so, the news that they're not going to get in the way of the people who are trying to get us out of this situation is good. Let's hope the crooks keep their promise.