Coronavirus: Cyber criminals target UAE hospitals and people working from home

Users need to be vigilant as hackers look for loopholes

Candid Wueest has warned of the threats posed to hospitals in the UAE by cybercriminals. Courtesy: Acronis
Powered by automated translation

Cyber criminals have targeted UAE hospitals and people working from home as they sought to take advantage of the coronavirus pandemic for financial gain, leading security experts have said.

Across the globe, law enforcement has warned of a rise of sophisticated crimes in which sensitive patient data is snared by online crooks demanding large ransom payments in return for their release.

Candid Wüest, vice president of tech firm Acronis, said he had witnessed a significant spike in numbers of so-called ransomware attacks among the firm's UAE clients since the Covid-19 outbreak.

Acronis said there were 308 cyber attacks on its UAE clients in March compared to 115 in the same month in 2019.

Cyber criminals don't feel any shame when it comes to attacking hospitals

Among those targeted included a number of hospitals, the names of which must remain anonymous for security reasons.

He added all the attempts were successfully blocked.

“Cyber criminals don’t feel any shame when it comes to attacking hospitals and healthcare facilities,” said Mr Wüest.

“It’s vital that hospitals have access to their patients’ files, now more than ever in the middle of a pandemic. If they weren’t able to gain access there could be devastating consequences.

“An ordinary company could try and get their systems back up and running in a day or two but hospitals don’t have that luxury.”

Interpol recently announced it had detected a significant rise in the number of ransomware attacks on institutions involved in responding to the virus across the world.

Ransomware attacks typically take the form of malicious software that stop organisations from being able to access important data until a ransom is paid.

“Hospitals can find themselves having no choice but to pay it as the data that’s being blocked could be the difference between life and death,” said Mr Wüest

“They need access to medical records every minute of every day.”

Hospitals typically do not have the same level of online security as other institutions, such as banks, he said.

“Hospitals often have networks that are not well protected,” he said.

“Machines like respirators and breathing apparatus are essential and are often connected to the internet.

“Criminals target those machines because they see them as having vulnerabilities and weak passwords.”

Aster Healthcare, one of the country's largest providers, told The National it had seen a rise in staff being bombarded with suspicious emails.

“We have definitely noticed an increase in the amount of spam and phishing emails, which can lead to cyber attacks,” said chief information officer Veneeth Purushotaman.

“People are so reliant on digital technology for information it leaves them vulnerable and makes them easy prey for criminals.”

He said a combination of security networks and the diligence of staff had prevented Aster from falling foul of the cyber scams.

However, he warned it was important to remain alert to the dangers posed by the criminals, whose methods were constantly evolving.

Cybercriminals have made unsuccessful attempts to launch ransomware attacks on UAE hospitals.   
Cybercriminals have made unsuccessful attempts to launch ransomware attacks on UAE hospitals.   

“It is difficult to defend against these attacks even with the best security measures in place,” he said.

“That’s why it’s important to keep upgrading and updating security tools.”

Criminals hoping to exploit the global pandemic are also targeting people who find themselves no longer working in the office.

A recent report from tech security firm McAfee warned of a huge worldwide surge in activity from cyber criminals since March, as they tried to capitalise on the panic and uncertainty of the Covid-19 crisis.

The increase in attempts by criminals to profit from the current situation came as little surprise to Maher Yamout, senior security researcher at global security firm Kaspersky.

“Because so many people are working from home and therefore online, there’s a bigger catchment area for cyber criminals than ever,” he said.

“One of the scams they are doing is sending out phishing emails claiming to contain information about deliveries people are waiting on.

“Because so many people are actually waiting on deliveries the likelihood of them clicking the link is higher.”

He said many of the fake emails and links appear convincing with the criminals pretending to be from renowned international companies like Amazon or Netflix, two firms that are experiencing high usage during the crisis.

“I would advise anyone waiting on an order to just go to the company’s website and type in the tracking number to get updates there,” he said.

“I would avoid clicking on the email altogether.”

Tarek Kuzbari, from Boston-based security consultancy Cybereason, opened the firm's new Middle East office in Dubai last month.

He said criminals were aiming their sights at the UAE because they felt it was an affluent country, where the rewards could be high.

“Employees used to be working in offices with expensive security systems to protect them from cyberattacks,” he said.

“Now they find themselves working from home and not everyone has been equipped for such an environment.

“Criminals are ramping up the targeting of people at home with less capabilities to protect themselves.”

He said there were even instances where websites had been created by the cybercriminals with statistics about Covid-19, in the hope of exploiting people’s desperation for information about the virus.

“Every time someone accesses those types of sites it will trigger an attack,” he said.