The cybercriminal group Maze attacked the network of Hammersmith Medicines Research, a London-based medical research company, on March 14. The group then leaked the personal data and medical details of thousands of former patients online, according to ComputerWeekly.
HMR is one of several London firms situated to conduct medical trials for COVID-19 vaccines.
Beyond the despicable nature of the attack, of note is that Maze had made a public vow on March 18 not to target the medical industry in the midst of the coronavirus pandemic, saying they would “stop all activity versus all kinds of medical organizations until the stabilization of the situation with the virus.”
Hospitals and the healthcare industry at large are regularly in the crosshairs of cybercriminals, as these organizations house personally identifiable information (PII) that can be lucrative for criminals. Such institutions must also regularly fend off ransomware attacks that encrypt critical systems, which can disrupt medical equipment and hinder patients from getting timely care. Paying the demanded ransom in such cases is not advisable, but often happens because victims feel desperate, hastily paying because it is a quick route to a solution.
While HMR is not a hospital, it works as a service provider within the healthcare industry. The timing of Maze’s attack thus resonates as being particularly offensive in the wake of COVID-19 becoming a pandemic.
Prevailion won’t tolerate such attacks on critical infrastructure. Targeting weaknesses in hospitals and healthcare services is unconscionable, even in the best of times. But on top of the current pandemic crisis, with hospital staff stretched thin, it is inhumane, and could lead to loss of life.
“Hospitals are understaffed and overworked and not paying attention, and then if you hit the hospital with an attack, like a ransomware attack, you’re going to debilitate an environment pretty heavily,” said Prevailion CEO Karim Hijazi. “Prevailion chooses targets based on who chooses to attack the innocent and vulnerable. They are now in our crosshairs.”
Prevailion has real-time visibility on cybercriminals as they conduct global attacks like these, and we are doing everything we can to assist authorities in bringing criminals to justice. In February, we worked with U.S. law enforcement officials to coordinate efforts to mitigate a pandemic WordPress threat, and we will continue to do so in the future.
Using our platform, organizations can view their active and historical cyber contagion or search their third-party network for similar threats. We show evidence of actual cyber compromises—continuously. That kind of visibility isn’t available anywhere else.
Prevailion is offering healthcare organizations free, unlimited access to our Apex platform of compromise intelligence through May 4, 2020. Sign up today.
Hijazi discusses Microsoft hack parallels with SolarWinds and how China and Russia likely execute their cyber campaigns.
See Prevailion CEO, Karim Hijazi, comment on how nation states use proxy groups to compromise organizations through weaker supply chain points.
See Prevailion CEO, Karim Hijazi, weigh in on a second solar winds hack and how elite hacker groups have likely already compromised many top companies around