As the world battles through Coronavirus, doctors, researchers, and governments across the globe are working towards developing a vaccine for COVID-19. One such medical facility that’s helping with tests of coronavirus vaccines was attacked by a ransomware group.
As reported by ComputerWeekly, Hammersmith Medicines Research (HMR), a British company that has earlier tested the Ebola vaccine and is currently focusing on medical trials on any COVID-19 vaccine was attacked by the Maze ransomware group. The ransomware group attacked the computer systems of Hammersmith Medicines Research (HMR) and posted the personal details of thousands of the company’s former patients as the company declined to pay the company their demanded ransom.
HMR discovered the “severe attack” on 14th March during which they managed to halt the system and restore all the computer systems. “We repelled [the attack] and quickly restored all our functions. There was no downtime,” Malcolm Boyce told ComputerWeekly, managing and clinical director and doctor at HMR. According to Boyce, hackers sent them the medical files of former patients, about 8 to 20 years old as a proof that they had gained access to the company’s sensitive data and also demanded a ransom. “We have no intention of paying. I would rather go out of business than pay a ransom to these people,” added Boyce.
The Maze ransomware group made a public promise recently to not attack medical organisations amid the coronavirus pandemic. It has now removed over 2,300 highly sensitive medical files from former patients of Hammersmith Medicines Research (HMR) from its website. The ransomware group said that it had attacked HMR on the 14th March before it publicly promised not to attack medical institutions. However, the group has warned of more attacks and blames it on companies who are earning billions of dollars from the internet but do not care about security or privacy.
In another related news, hackers have been taking advantage of the sensitive Coronavirus pandemic situation. It was recently reported that hackers are now selling their malware and other exploitation tools at a discounted rate on the dark web with the help of code – “COVID-19” and “Coronavirus”.
Another malware was spotted by Shai Alfasi, security researcher at Reason Labs, who revealed that hackers are gaining access to personal user credentials stored on browsers using fake Coronavirus maps. Similarly, researchers at the cybersecurity firm, DomainTools, have also spotted a domain that claims to offer real-time Coronavirus outbreak tracker via an app that’s infected with ransomware.