The International Criminal Police Organisation (Interpol) has warned member countries that cybercriminals were attempting to target major hospitals and other institutions on the front lines of the fight against COVID-19 with ransomware.
In an alert sent to 194 nations, including India, Interpol said organisations at the forefront of the global response to the COVID-19 outbreak had also become targets of ransomware attacks, which were “designed to lock them out of their critical systems in an attempt to extort payments”.
The agency’s Cybercrime Threat Response Team had detected an increase in the number of attempted ransomware attacks against key organisations and infrastructure engaged in the virus response.
“Cybercriminals are using ransomware to hold hospitals and medical services digitally hostage, preventing them from accessing vital files and systems until a ransom is paid,” Interpol said in a note.
Interpol also issued a ‘Purple Notice’. “At this point, the ransomware appears to be spreading primarily via e-mails —often falsely claiming to contain information or advice regarding the coronavirus from a government agency, which encourages the recipient to click on an infected link or attachment,” the agency said. It added that prevention and mitigation efforts were crucial to stopping the attacks.
“As hospitals and medical organizations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cybercriminals who are looking to make a profit at the expense of sick patients,” said Interpol Secretary General Jürgen Stock.
“Locking hospitals out of their critical systems n will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths. Interpol continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable,” he added.
Pattern of crimes
Separately, Interpol warned that with a majority of people working from home due to the pandemic, there was a change in the pattern of crimes. The lockdown period had not only led to a “significant” increase in domestic violence but made business establishments/factories vulnerable to thefts.
A spurt in drug commerce via social media/encrypted apps, fraudulent trade in personal protective equipment and anti-viral medicines, and individuals/businesses on reduced income becoming potential targets of loan sharks were among the threats perceived by the organisation.
Since more people were at home, the number of burglaries had dropped. But thieves were increasingly targeting factories or business premises that were locked. “There has also been a significant rise in domestic violence cases since the start of coronavirus-related quarantines, with reports showing women and children at greater risk of abuse. Recent weeks have seen increased online activity by paedophiles seeking child sexual abuse material, which is being exacerbated by a shortage of moderators who identify and remove offensive material from networks.”
Santosh K. Misra, Chief Executive Officer, Tamil Nadu e-Governance Agency and Commissioner of e-Governance, told The Hindu that alerts had been received from the Government of India on the threat of ransomware/malware attacks and the same was communicated to the concerned departments.
“Our appeal to institutions and individuals is not to open any mail or link on coronavirus data or home remedies unless it is from a trusted source like a government agency,” Mr. Misra said. There was also a possibility of e-mail spoofing, where a suspect operating from a remote location would send a mail that would appear as if it came from a known person, he cautioned.