Prevailion CEO: Cyberattacks on Healthcare Won’t be Tolerated

Healthcare Crosshair image
25 March 2020

As if the world needed another example, a ransomware group has proven there is no honor among thieves. 

The cybercriminal group Maze attacked the network of Hammersmith Medicines Research, a London-based medical research company, on March 14. The group then leaked the personal data and medical details of thousands of former patients online, according to ComputerWeekly.

HMR is one of several London firms situated to conduct medical trials for COVID-19 vaccines. 

Beyond the despicable nature of the attack, of note is that Maze had made a public vow on March 18 not to target the medical industry in the midst of the coronavirus pandemic, saying they would “stop all activity versus all kinds of medical organizations until the stabilization of the situation with the virus.”

Hospitals and the healthcare industry at large are regularly in the crosshairs of cybercriminals, as these organizations house personally identifiable information (PII) that can be lucrative for criminals. Such institutions must also regularly fend off ransomware attacks that encrypt critical systems, which can disrupt medical equipment and hinder patients from getting timely care. Paying the demanded ransom in such cases is not advisable, but often happens because victims feel desperate, hastily paying because it is a quick route to a solution. 

While HMR is not a hospital, it works as a service provider within the healthcare industry. The timing of Maze’s attack thus resonates as being particularly offensive in the wake of COVID-19 becoming a pandemic. 

“Prevailion chooses targets based on who chooses to attack the innocent and vulnerable.”

Prevailion won’t tolerate such attacks on critical infrastructure. Targeting weaknesses in hospitals and healthcare services is unconscionable, even in the best of times. But on top of the current pandemic crisis, with hospital staff stretched thin, it is inhumane, and could lead to loss of life.

“Hospitals are understaffed and overworked and not paying attention, and then if you hit the hospital with an attack, like a ransomware attack, you’re going to debilitate an environment pretty heavily,” said Prevailion CEO Karim Hijazi. “Prevailion chooses targets based on who chooses to attack the innocent and vulnerable. They are now in our crosshairs.”

Prevailion has real-time visibility on cybercriminals as they conduct global attacks like these, and we are doing everything we can to assist authorities in bringing criminals to justice. In February, we worked with U.S. law enforcement officials to coordinate efforts to mitigate a pandemic WordPress threat, and we will continue to do so in the future. 

Using our platform, organizations can view their active and historical cyber contagion or search their third-party network for similar threats. We show evidence of actual cyber compromises—continuously. That kind of visibility isn’t available anywhere else.

Prevailion is offering healthcare organizations free, unlimited access to our Apex platform of compromise intelligence through May 4, 2020. Sign up today.

The Latest

Prevailion CEO, Karim Hijazi – Cheddar News- FCC commissioner calls on Apple and Google to ban TikTok app

A member of the FCC renewed urgency calls on Apple and Google to remove TikTok from their app stores, raising concerns that TikTok’s Chinese-based parent company is collecting user data that is being accessed in China.

IRONSCALES Cyber Security Heroes: The New Cyber Era Post Ukraine Invasion

What Wicked Webs We Un-weave

What Wicked Webs We Un-weave: Wizard Spider once again proving it isn’t you, it isn’t me; we search for things that you can’t see Authored by: Matt Stafford and Sherman Smith Executive summary: In late January 2022, Prevailion’s Adversarial Counterintelligence Team (PACT) identified extensive phishing activity designed to harvest credentials for Naver. Naver is a […]

Copyright 2023 Prevailion, Inc. All rights reserved.    

Disclaimer: Gartner “Cool Vendors in Security Operations and Threat Intelligence,” Mitchell Schneider, Ruggero Contu, John Watts, Craig Lawson, October 13, 2020. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner Disclaimer: The GARTNER COOL VENDOR badge is a trademark and service mark of Gartner, Inc. and/or its affiliates and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.