Amid this period of the COVID-19 pandemic, there has been an increase on attacks to the health sector industry, amid the articles that I have come across, the article on the US Health and Human Services Department suffering a cyber attack i.e. a distributed denial of service ( DDoS ). it doesn’t appear that the hackers took any data from the systems, and the hack involved overloading the HHS servers with millions of hits over several hours. The DDoS was service impacting and several hours can be the difference between a “Life or Death situation.
I wondered if there had been:
1) Preliminary survey: It is not known for certain if or how the attackers performed reconnaissance on the network prior to the attack, but it probably would not have required much more than internet searches.
- Why this timing of the attack and motive behind it: Why target the U.S. Health and Human Services Department?
According to the Bloomberg article, in quotes
https://www.bloomberg.com/news/articles/2020-03-16/u-s-health-agency-suffers-cyber-attack-during-covid-19-response
“The U.S. Health and Human Services Department suffered a cyber-attack on its computer system, part of what people familiar with the incident called a campaign of disruption and disinformation that was aimed at undermining the response to the coronavirus pandemic and may have been the work of a foreign actor”.
“We are aware of a cyber incident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, a spokesman for the National Security Council, said in a statement. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.”
Mei X Wang says
Hi Chidiebele, I agree with what you’re thinking, although this was DDoS attack, this was done by overloading the HHS department’s server. It could’ve been done by writing a script that would reload the page automatically to create those page hits.
Due to the pandemic, I can see why the Health Service sector would be the target of these attacks. U.S. has been criticized tremendously on our inability to control the pandemic, and foreign actors might’ve just used this chance to create more havoc. By spreading misinformation, it would cause a frenzy and consumers might panic buy items, it would create a disruption that might be beneficial to the attacking party.
Vraj Patel says
Hello Chidiebele,
There sure would be multiple attacks against the healthcare industry at the moment. As well there are always been multiple cyber attacks on the healthcare industry since they would have multiple PII information. During your research for this discussion have you seen if there were any recent successfully cyber attack on any of the healthcare industry?