The cybercriminal group Maze attacked the network of Hammersmith Medicines Research, a London-based medical research company, on March 14. The group then leaked the personal data and medical details of thousands of former patients online, according to ComputerWeekly.
HMR is one of several London firms situated to conduct medical trials for COVID-19 vaccines.
Beyond the despicable nature of the attack, of note is that Maze had made a public vow on March 18 not to target the medical industry in the midst of the coronavirus pandemic, saying they would “stop all activity versus all kinds of medical organizations until the stabilization of the situation with the virus.”
Hospitals and the healthcare industry at large are regularly in the crosshairs of cybercriminals, as these organizations house personally identifiable information (PII) that can be lucrative for criminals. Such institutions must also regularly fend off ransomware attacks that encrypt critical systems, which can disrupt medical equipment and hinder patients from getting timely care. Paying the demanded ransom in such cases is not advisable, but often happens because victims feel desperate, hastily paying because it is a quick route to a solution.
While HMR is not a hospital, it works as a service provider within the healthcare industry. The timing of Maze’s attack thus resonates as being particularly offensive in the wake of COVID-19 becoming a pandemic.
Prevailion won’t tolerate such attacks on critical infrastructure. Targeting weaknesses in hospitals and healthcare services is unconscionable, even in the best of times. But on top of the current pandemic crisis, with hospital staff stretched thin, it is inhumane, and could lead to loss of life.
“Hospitals are understaffed and overworked and not paying attention, and then if you hit the hospital with an attack, like a ransomware attack, you’re going to debilitate an environment pretty heavily,” said Prevailion CEO Karim Hijazi. “Prevailion chooses targets based on who chooses to attack the innocent and vulnerable. They are now in our crosshairs.”
Prevailion has real-time visibility on cybercriminals as they conduct global attacks like these, and we are doing everything we can to assist authorities in bringing criminals to justice. In February, we worked with U.S. law enforcement officials to coordinate efforts to mitigate a pandemic WordPress threat, and we will continue to do so in the future.
Using our platform, organizations can view their active and historical cyber contagion or search their third-party network for similar threats. We show evidence of actual cyber compromises—continuously. That kind of visibility isn’t available anywhere else.
Prevailion is offering healthcare organizations free, unlimited access to our Apex platform of compromise intelligence through May 4, 2020. Sign up today.
Karim Hijazi, who served as the director of intelligence of the cybersecurity firm Mandiant and now serves as CEO of the security firm Prevailion, said the hackers will likely have “gone to ground” at this point.
While threat actors like Cozy Bear and Fancy Bear get a lot of attention, there is another While threat actors like Cozy Bear and Fancy Bear get a lot of attention, there is another sophisticated crime actor that companies need to be watching out for.The group is called TA505 and it is believed to be […]
“This was the most pristine espionage effort, unlike anything we’ve seen in a very long time,” said Karim Hijazi, a former intelligence community contractor. “Everyone in the cybersecurity community is freaking out, because we don’t know where this could stop.”