On Tuesday, the premier investigating agency in India, Central Bureau of Investigation (CBI) has alerted all the state police departments to monitor and protect hospitals and other healthcare institutions against the rising coronavirus-themed cyberattacks.
Cybercriminals have been observed increasingly sending coronavirus-themed phishing emails to the organizations worldwide, with the end goal of infecting their systems using malware and later to gain full access control of those systems, including the sensitive data.
The CBI has written to all Interpol Liaison Officers of state police about the increased activities of cybercriminals using phishing techniques to plant ransomware into the IT infrastructure of hospitals, allowing them to block access to sensitive files and documents until the ransom is paid, they said.
Interpol’s Cybercrime Threat Response team at its Cyber Fusion Centre also saw a significant increase in the number of ransomware attempts against the hospitals and other institutions that are engaged in providing coronavirus aid.
CBI, the national central bureau of India is associated with Interpol, Lyon, FR.
“Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage; preventing them from accessing vital files and systems until a ransom is paid,” says the Interpol.
To tackle this, the Interpol has issued a Purple Notice alerting police in all its 194 member countries.
The International police organization also said, “To minimize the risk of disruption in the event a ransomware attack does occur, INTERPOL encourages hospitals and healthcare companies to ensure all their hardware and software are regularly kept up to date. They should also implement strong safety measures like backing up all essential files and storing these separately from their main systems.”
Recently, we have observed many incidents attempted by cybercriminals to target individuals and organizations with these coronavirus-themed cyberattacks.
Late last month, India’s National Cyber Security Coordinator (NCSC) Lt. Gen Rajesh Pant told Economics Times that almost 4,000 fraud portals related to coronavirus have been created across the globe by cybercriminals and other mafia organizations in February and March 2020.
On March 23, The Indian Cybersecurity Emergency and Response Team (CERT-In) had also issued an alert related to Coronavirus pandemic based cyber attacks, saying, “Cyber criminals are taking advantage of victims increased craving for information about Novel Coronavirus due to fear and uncertainty associated with it as the outbreak of the disease is progressing worldwide.”
On March 16, researchers at Malwarebytes reported, APT36 – a Pakistani state-sponsored threat actor used a coronavirus-themed spear phishing mail with a link to malicious document masquerading as the government of India (email.gov.in.maildrive[.]email/?att=1579160420) shown in the below image.
According to security researchers at Malwarebytes, this malicious document has a remote access trojan (RAT) named Crimsom RAT that allows APT36 to hack into systems and collect sensitive information from organizations.