Department of Health and Human Services Targeted in Cyberattack
The U.S. Department of Health and Human Services (HHS) has been targeted by cybercriminals in what appears to be an attempt to overwhelm its website with millions of hits. According to a statement issued by HHS spokesperson, Caitlin B. Oakley, the HHS detected “a significant increase in activity on HHS cyber infrastructure” in what appears to have been an attempted Distributed Denial of Service (DDoS) attack.
The individuals responsible for the attack were unsuccessful thanks to additional protections put in place to mitigate DDoS attacks as part of HHS preparation and response to the COVID-19 pandemic. “HHS has an IT infrastructure with risk-based security controls continuously monitored in order to detect and address cybersecurity threats and vulnerabilities,” explained Oakley.
No data breach was experienced and the HHS and federal networks are continuing to function normally. Federal cybersecurity professionals are continuing to monitor HHS computer networks and will take appropriate actions to protect those networks and mitigate any further attacks should they occur. The federal government is investigating the attack and at this stage it is unclear who was responsible.
“We have extremely strong barriers, we had no penetration into our networks, no degradation of the functioning of our networks, we had no limitation on the ability or capacity of our people to telework, we’ve taken very strong defensive actions,” said HHS Secretary, Alex Azar.
The White House National Security Council (NSC) sent a tweet on Sunday warning about a disinformation campaign which suggests President Trump is about to order a national quarantine and that the country will be placed on lockdown, as has been the case in Italy and Spain. The NSC tweet explained that these text message rumors are fake. It is unclear if the attempted DDoS attack and text message campaign are related.
There are also several phishing campaigns being conducted that are using fear about SARS-CoV-2 and COVID-19 to spread malware and obtain sensitive information. The malicious email campaigns are likely to increase as the pandemic develops. If you receive any email communication related to SARS-Cov-2 and COVID-19, verify the validity of the message before taking any actions.
For up to date information and guidance on SARS-Cov-2 and COVID-19, visit the Centers for Disease Control and Prevention (CDC) website – CDC.gov.
Illinois Public Health Network Suffers Ransomware Attack
Last week, cybercriminals launched a cyberattack on the Champaign-Urbana Public Health District in Illinois and deployed Netwalker (MailTo) ransomware. The attack disabled the public health district’s website on the morning of March 10, 2020. The incident was investigated and was confirmed as a ransomware attack within a couple of hours.
Employees were able to continue to access critical systems during the website outage. No electronic medical records or other sensitive data have been compromised. Medical records were migrated to the cloud 6 months previously. The Champaign-Urbana Public Health District has since been restored.