US Department of Health computers targeted by hackers amidst COVID-19 crisis

Health and Human ServicesA cyberattack, coupled with a disinformation campaign, targeted the computer systems of the United States Department of Health and Human Services (HHS), in what officials believe was an effort to undermine America’s response to the coronavirus pandemic.

The cyberattack reportedly took place on Sunday night, when online administrators at HHS noticed an abnormal spike in requests to the department’s servers. The number of requests grew to several million within a few hours, according to Bloomberg News, which first reported the incident. A few hours later, a campaign of disinformation was launched against the HHS, along with text messages warning that martial law would be declared across the nation and a two-week curfew would be imposed by the Armed Forces.

The disinformation campaign prompted a tweet by the US National Security Council on Sunday. The tweet warned against “fake” text messages spreading unsubstantiated rumors. There was no elaboration about the content of these text messages. On Monday, the HHS acknowledged that its computer systems had come under attack the previous evening. However, it said that the hackers behind the attack had failed to compromise the integrity of the Department’s computer systems, and that no data had been stolen.

Later on Monday, the HHS said that it was still investigating what it described as “a significant increase in activity” on its computer infrastructure. But it added that its systems remained “fully operational” and that the functionality of its networks had suffered “no degradation”. An HHS spokesman said the Department had augmented its cybersecurity protections in light of the COVID-19 emergency. Consequently, it had suffered no loss of operational capacity or data as a result of the cyberattack.

Speaking at the White House on Monday, HHS Secretary Alex Azar said that the source of the cyberattack was under investigation and refused to speculate as to the identity of the culprit or culprits. However, Bloomberg said that some US government officials suspect that the attack “may have been the work of a foreign actor”. On March 13, the US news network NBC cited experts from several cybersecurity firms who warned that spy agencies around the world were sending out coronavirus information in an attempt to “hack and spy on their targets”.

Author: Joseph Fitsanakis | Date: 17 March 2020 | Research credit: M.S. | Permalink