Britain and the United States warned Tuesday of a rise in cyber attacks against health professionals involved in the coronavirus response by organised criminals “often linked with other state actors”.
The transatlantic allies’ cyber security agencies issued a joint warning to healthcare and medical research staff, urging them to improve their password security amid the threat.
Britain’s National Cyber Security Centre (NCSC) and the US Cybersecurity and Infrastructure Security Agency (CISA) said they had seen “malicious cyber campaigns targeting organisations involved in the coronavirus response”.
The two agencies added they had detected large-scale “password spraying” tactics — hackers trying to access accounts through commonly used passwords — aimed at healthcare bodies and medical research organisations.
British Foreign Secretary Dominic Raab echoed the warning at the daily Downing Street coronavirus press conference, noting perpetrators had “various objectives and motivations” — from fraud to espionage.
“But they tend to be designed to steal bulk personal data, intellectual property and wider information that supports those aims.
“And they’re often linked with other state actors,” he said.
In their joint warning, the NCSC and CISA said they had identified targeting of national and international healthcare bodies, pharmaceutical companies, research organisations, and local government.
They added “the likely aim” was gathering information related to the pandemic.
The agencies advised healthcare staff to change any passwords that might be guessed to one created with three random words, as well as implementing two-factor authentication to reduce the risk of being hacked.
Paul Chichester, NCSC Director of Operations, said his agency was “prioritising any requests for support from health organisations and remaining in close contact with industries involved in the coronavirus response”.
“But we can’t do this alone, and we recommend healthcare policy makers and researchers take our actionable steps to defend themselves from password spraying campaigns.”