If someone could stop hackers pwning medical systems right now, that would be cool, say Red Cross and friends
The rules of war that protect hospitals should extend into cyberspace
Following the surge of cyber attacks on medical facilities, the head of the International Committee of the Red Cross (ICRC) and more than 40 other international leaders asked the governments of the world to do more to safeguard critical medical organizations amid the coronavirus pandemic.
In an open letter published on Tuesday, Peter Maurer, president of the ICRC, and other prominent signatories asked the world's government's "to take immediate and decisive action to stop all cyber attacks on hospitals, health care and medical research facilities, as well as on medical personnel and international public health organizations."
In recent weeks, the letter says, there have been cyber attacks on healthcare facilities in the Czech Republic, France, Spain, Thailand, and the US, among others.
Last month, the US Cybersecurity and Infrastructure Security Agency (CISA) warned about "a growing use of COVID-19-related themes by malicious cyber actors." Also in April, Google reported that its security systems were catching "18 million malware and phishing Gmail messages per day related to COVID-19, in addition to more than 240 million COVID-related daily spam messages."
And the World Health Organization said it had seen an uptick in online attacks on its staff and the general public.
Surprise surprise! Hostile states are hacking coronavirus vaccine research, warn UK and USA intelligenceREAD MORE
However, the call to have governments cooperate to fight attacks on healthcare organizations may not go so well if, as US authorities have claimed, governments are behind some of the hacking. Earlier this month, the FBI and CISA said they are investigating attempts to compromise US organizations conducting COVID-19 research to steal research data.
Nonetheless, the ICRC argues that the world has agreed to spare healthcare facilities from attack during wartime and we should not tolerate internet attacks either.
The Register asked the ICRC what it hopes to accomplish by demanding governments do more, given that nations already oppose illegal hacking and attempt to apprehend miscreants. We've not received a response.
In an email to The Register, Mike Hamilton, CISO at CI Security, a cybersecurity biz focused on the health sector, expressed skepticism that miscreants will moderate their behavior because the ICRC has raised the alarm but suggested that more international cooperation might help.
"I don’t think the ransomware operators, [business email compromise] fraudsters, etc. will give up by being asked," he said. "Note how bad unemployment impersonation fraud is right now – criminals stealing from people that are really down (bastards)."
"However, if governments talk and make some agreements this may have the potential to start treating our logical borders like our physical borders: if you don’t maintain a standard of behavior (speaking to country X), we lock out your legit business traffic and your business leaders can go scream to [political] leaders to fix things." ®