Amid Pandemic, Microsoft Alerts Dozens of Hospitals Vulnerable to Ransomware Threat
Microsoft said it warned 'several dozens of hospitals' about vulnerabilities in their networks that could be used to deliver ransomware to their IT systems.
As doctors care for the sick during the coronavirus pandemic, Microsoft is trying to protect their hospitals from ransomware attacks.
On Wednesday, Microsoft said it warned “several dozens of hospitals” about software vulnerabilities in the online systems they use. The company is concerned hackers could end up exploiting the same flaws to deliver ransomware to hospital computers.
“To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular vulnerabilities and others,” the company wrote in the blog post.
The vulnerabilities Microsoft is worried about deal with network devices, including gateways and VPN servers. Hospitals use these systems so that workers can securely log in and access the local healthcare network and applications.
Unfortunately, the same devices can contain vulnerabilities, making them attractive targets for hackers. One notorious group known as REvil has been doing just that by preying on flaws in vulnerable VPN servers to steal passwords, which can then be used to infiltrate an organization’s IT infrastructure.
Not helping the matter is how many healthcare providers also use outdated software, such as Windows 7 and Windows XP. This can make them even more vulnerable to attack.
Microsoft didn't say how it learned which hospitals were susceptible to REvil's attacks. But the company has been tracking the group's activities, and fears hospitals will fall prey to them, which could put lives at stake in light of the ongoing pandemic. “Now more than ever, hospitals need protecting from attacks that can prevent access to critical systems, cause downtime, or steal sensitive information,” the company added.
Ransomware is particularly problematic because the attacks can encrypt entire fleets of computers, effectively shutting them down. To free them, the victims have to pay a ransom, which in some cases can reach six figures or more.
Whether the affected hospitals heeded Microsoft’s warnings remains unclear. But the company’s blog post does contain tips on helping both hospitals and businesses protect themselves from potential ransomware attacks.
Some of Microsoft’s employees are also part of a newly-announced coalition of 360 security researchers, who’ve banded together to protect hospitals from cyber attacks during the pandemic. According to Reuters, the group has already dismantled one campaign that was using a software vulnerability to distribute malicious computer code.