Amid this period of the COVID-19 pandemic, there has been an increase on attacks to the health sector industry one of the articles that I have come across, the article on the US Health and Human Services Department suffering a cyber attack i.e. a distributed denial of service ( DDoS ). it doesn’t appear that the hackers took any data from the systems, and the hack involved overloading the HHS servers with millions of hits over several hours. The DDoS was service impacting and several hours can be the difference between a “Life or Death situation.
I wondered if there had been:
1) Preliminary survey: It is not known for certain if or how the attackers performed reconnaissance on the network prior to the attack, but it probably would not have required much more than internet searches.
2. Why this timing of the attack and motive behind it: Why target the U.S. Health and Human Services Department?
3. There are no new updates in the news on what happened, what was compromised, how did it happen? Are there vulnerabilities?
According to the Bloomberg article, copied and pasted below: and in quotes https://www.bloomberg.com/news/articles/2020-03-16/u-s-health-agency-suffers-cyber-attack-during-covid-19-response
“The U.S. Health and Human Services Department suffered a cyber-attack on its computer system, part of what people familiar with the incident called a campaign of disruption and disinformation that was aimed at undermining the response to the coronavirus pandemic and may have been the work of a foreign actor”.
“We are aware of a cyber incident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, a spokesman for the National Security Council, said in a statement. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.”
Amid this period of the COVID-19 pandemic, there has been an increase on attacks to the health sector industry one of the articles that I have come across, the article on the US Health and Human Services Department suffering a cyber attack i.e. a distributed denial of service ( DDoS ). it doesn’t appear that the hackers took any data from the systems, and the hack involved overloading the HHS servers with millions of hits over several hours. The DDoS was service impacting and several hours can be the difference between a “Life or Death situation.
I wondered if there had been:
1) Preliminary survey: It is not known for certain if or how the attackers performed reconnaissance on the network prior to the attack, but it probably would not have required much more than internet searches.
2. Why this timing of the attack and motive behind it: Why target the U.S. Health and Human Services Department?
3. There are no new updates in the news on what happened, what was compromised, how did it happen? Are there vulnerabilities?
According to the Bloomberg article, copied and pasted below: and in quotes
https://www.bloomberg.com/news/articles/2020-03-16/u-s-health-agency-suffers-cyber-attack-during-covid-19-response
“The U.S. Health and Human Services Department suffered a cyber-attack on its computer system, part of what people familiar with the incident called a campaign of disruption and disinformation that was aimed at undermining the response to the coronavirus pandemic and may have been the work of a foreign actor”.
“We are aware of a cyber incident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, a spokesman for the National Security Council, said in a statement. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.”