Skip to main content

Microsoft is warning hospitals facing ransomware attacks

(Image credit: Image Credit: Lightpoet / Shutterstock)

Microsoft has started notifying hospitals vulnerable to known threats, the company announced in a blog post earlier this week.

Hospitals and other healthcare institutions around the world are being pushed to their limits thanks to the coronavirus outbreak, and hackers are using it as an opportunity to compromise their networks, steal money and data, and wreak havoc in the process.

Some of the vulnerabilities are relatively known, at least to Microsoft. The company knows that REvil targets vulnerabilities in VPN devices and gateway appliances to spread the Sodinokibi ransomware, for example. It is now taking a proactive stance in hopes of helping hospitals protect themselves during this time of crisis.

"Through Microsoft’s vast network of threat intelligence sources, we identified several dozens of hospitals with vulnerable gateway and VPN appliances in their infrastructure,” the company said.

“To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular exploits and others like it," Microsoft said.

The company hopes that these notifications will prompt hospitals and other healthcare institutions to update their cybersecurity solutions and prevent criminals from abusing them. It listed six mitigation measures to use against human-operated ransomware attacks, including hardening internet-facing assets, investigating alerts thoroughly, including IT pros in all discussions, building credential hygiene, monitoring for adversarial activities and hardening the infrastructure.