Recently, Bleeping Computer posted an article about how the major players behind some of the most destructive ransomware would not target health organizations during the COVID-19 pandemic. Uzado posted a blog about it, along with a warning that a crisis is a great time for a criminal organization to strike.
Unfortunately, many security experts were right not to trust these hacking groups. Forbes published an article on March 23 about an attack of Maze ransomware on Hammersmith Medicines Research. Hammersmith is a British company that previously tested the Ebola vaccine and is on standby to perform the medical trials on any COVID-19 vaccine. Just days before this article, the hackers behind Maze said that they would not be targeting health organizations. Even worse, Maze has published patient data online in an attempt to extort payment from Hammersmith.
Fortunately for Hammersmith, they were able to stop the ransomware attack and restore their systems without having to pay a ransom: "We repelled [the attack] and quickly restored all our functions," said Malcolm Boyce, Clinical Director at Hammersmith, "there was no downtime." Unfortunately, The Maze attackers managed to exfiltrate patient records, and has published some of them online. Boyce told Computer Weekly that the hackers had sent Hammersmith Medicines Research sample files containing details of people who participated in testing trials between eight and 20 years previously. The Maze operators then published samples of data on the dark web. The Information Commissioner’s Office (ICO) and the National Crime Agency (NCA) have been notified and are investigating.
What this shows is, that given opportunity to make money quickly, a criminal will strike. Criminals don’t care if you are dealing with Coronavirus or any other crisis. If there is an opportunity to make money, they will take it! As an organization, you are still bound to industry and government compliance standards to keep data safe. It is just as important now to ensure that you are keeping your data and assets safe.