INTERPOL has been forced to issue an alert to global police about the heightened risk of ransomware attacks on hospitals and other front-line organizations as they battle the COVID-19 pandemic.
The law enforcement organization said it issued a Purple Notice to all 194 member countries, highlighting the scale of the threat. Its Cybercrime Threat Response team claimed to have detected a “significant increase” in attempted ransomware attacks.
“As hospitals and medical organizations around the world are working non-stop to preserve the well-being of individuals stricken with the coronavirus, they have become targets for ruthless cyber-criminals who are looking to make a profit at the expense of sick patients,” said Interpol secretary general Jürgen Stock.
“Locking hospitals out of their critical systems will not only delay the swift medical response required during these unprecedented times, it could directly lead to deaths. INTERPOL continues to stand by its member countries and provide any assistance necessary to ensure our vital healthcare systems remain untouched and the criminals targeting them held accountable.”
To help out, INTERPOL said it is providing technical support and advice on how to protect key medical infrastructure.
The primary threat vector appears to be phishing emails spoofed to appear as if sent from trusted government sources, it said.
The news comes just days after Microsoft warned several dozen hospitals in a “first-of-its-kind notification” that their gateway and VPN appliances are vulnerable to ransomware groups scanning for exposed endpoints.
A study from the Vanderbilt University and the University of Central Florida published last year warned that data breaches at hospitals led to 36 additional deaths per 10,000 heart attacks per year.
It added that ransomware outages “might have an even stronger short-term negative relationship with patient outcomes than the long-term remediation efforts studied here.”