The Covid-19 Not only has everyday life been uprooted; It has also made us more dependent than ever on technology. This has caused the exposure surface of users, companies and public services on the internet to grow enormously. And with it, the number of cyberattacks; of which not even those in charge of ensuring the health of citizens are saved. According to a recent report sent by the cybersecurity company Check Point to ABC, the number of attempted attacks against healthcare companies increased by 45% during the last two months of 2020. Spain, in particular, has seen its figures double. It is the third country with the highest degree of infection, only behind Canada (250%) and Germany (220%). By region, Central Europe (+ 145%), East Asia (+ 137%) and Latin America (+ 112%) have been the most affected.
“The increase in attacks against the health sector is understandable at the moment. What is most striking is that Spain, in particular, has suffered so many attacks compared to other countries. This usually affects normally in countries where private healthcare is stronger. Since the main objective of the cybercriminals behind these campaigns is to get as much money as possible and it is always easier for private companies to pay ”, he explains to this newspaper Eusebio Nieva, Technical Director of Check Point in Spain and Portugal.
Cyberattacks against companies and healthcare centers have become a global trend. And, according to Nieva, it will not disappear during this newly released 2021. In any case, it is expected to go further: “Health companies are more critical than ever because of the pandemic. An attack against them, right now, can pay the cybercriminal a lot of money. ‘
Since Covid-19 locked us at home last March, hospitals in countries such as France, the Czech Republic or Spain have suffered attacks against their systems. The most serious recently reported took place last October at the UKD center in the German city of Düsseldorf. In addition to forcing the hospital to close its ER for 13 days, the attack cost the life of a patient.
To carry out these actions, cybercriminals often use malicious code such as “ransomware”, who are capable of hijacking the equipment of a company to, later, demand a ransom in exchange for regaining control. This is mainly due, according to Check Point, to the fact that hospitals are much more likely to pay the ransom due to the need to have all their systems operating to deal with the increase in coronavirus infections, vaccination programs and others. And, in addition, they usually do not have the most advanced security measures.
“Hospital systems are very focused on functionality and very little on safety. On the one hand, they have many interconnected devices and, furthermore, this interconnection is usually very open so that problems do not arise, ”says the Check Point technical director.
Cyberwar and vaccines
The vaccinations which are currently developing laboratories around the world, have also been targeted in recent months. Last December, the Security X-Force group of the IBM technology company reported a campaign of attacks by «phishing»-Cyber scams in which the victim is tricked into revealing private information- against organizations associated with the Covid-19 cold chain.
The cold chain is a component of the vaccine supply chain, focused on guaranteeing its conservation in controlled temperature environments during storage and transport. For example, in the case of Pfizer and Moderna, it is recommended to keep the vaccines at a temperature of -70ºC.
How organized and effective this campaign was led cybersecurity experts to point out the possibility that they had been sponsored by a country. In other words, an exercise in cyberwarfare. “The objectives of these attacks are often not very clear. When the attack is carried out by a group of cybercriminals, the most common thing is that they look for money. However, when there are states behind it, it is more difficult to understand the motivations. Although the first thing that comes to mind, especially now when several laboratories are trying to develop vaccines, is espionage, “he explains to this newspaper Igor Unanue, chief technology officer for cybersecurity company S21Sec. In turn, the expert points out that it is very difficult to demonstrate the sponsorship of the countries.