Written by Sean Lyngaas
Cybersecurity authorities in the Czech Republic on Thursday warned the public about the threat of an “extensive campaign of cyberattacks” on IT systems and health care facilities that could be carried out in the coming days.
The Czech government’s main cybersecurity agency said a recent spearphishing campaign could indicate that “the preparatory phase of the attacks is already in progress.”
“The information available to us leads to a reasonable fear of the real threat of serious cyberattacks on major targets in the Czech Republic, but especially on healthcare systems, ” said Karel Řehka, director of the Czech National Cyber and Information Security Agency.
Under Czech law, the advisory issued by the cyber agency requires operators of critical infrastructure and major IT systems to heed the warning and take defensive measures. The agency is telling organizations to immediately create offline backups for their data and block remote internet access to systems whenever possible.
The Czech advisory is the latest sign that, while the novel coronavirus has strained health care systems around the world, some malicious hackers are trying to exploit the additional vulnerability.
“This appears to be a serious and credible impending attack,” said Beau Woods, a cyber safety innovation fellow at the Atlantic Council. “Attacks against Central and Eastern European countries can be leading indicators of future attacks elsewhere. U.S. organizations would do well to take action now without waiting for adversaries to begin targeting them.”
At least one of the malicious files in the Czech advisory is part of a batch of code used in a remote access hacking tool, which cybersecurity company SonicWall reported last month. The malware, whose files are named after COVID-19, renders a computer’s hard disk unusable. The code overwrites the master boot record, which tells a computer how to start up.
In March, the computer systems at the Czech Republic’s second largest hospital, which has conducted tests for the virus, were hit by a cyberattack. The attack forced the hospital to postpone some scheduled operations.
In response to cyberthreats to health care during the pandemic, cybersecurity specialists have formed a volunteer group to help protect facilities from hackers.