Spanish Hospital Faces Netwalker Ransomware Attack in the Midst of Pandemic CVVMEST, DOBSSNME
At a time when hospitals are already stretched thin for budget, one of many attackers still thinks it’s a good idea to hold hospitals for ransom, showing organizations always need to be vigilant.
Sent under the guise of a COVID-19 email related to restroom use, this simple attack utilized a .VBS file as the attachment. What makes Netwalker so dangerous is its ability to evade antivirus engines and spread throughout a network .
The good news is that the phishing campaign used to spread Netwalker wasn’t widespread, allowing Spain’s National Police to send out emails to healthcare workers warning them about the scam.
Despite cybercriminal organizations announcing they would not target healthcare organizations in this time of crisis (so noble of them!), it appears that some are still seeing hospitals as viable sources of ransomware revenue. The National Police expect to see over 8,000 incidents a month over the next 12 months targeting every industry vertical.
In the National Police’s email to healthcare workers, the chief commissioner José Ángel González told healthcare workers “the best protection is prevention,” urging them to not open emails.
It’s true; users have the ability to make or break a phishing campaign intent on infecting a system with any form of malware. Users continually engaging with Security Awareness Training are taught to always be on guard, being suspicious of email and web content that may indicate malicious intent.
Spain gets it: the more vigilant your users, the less risk of successful cyberattack.
There is a reason more than half of today’s ransomware victims end up paying the ransom. Cybercriminals have become thoughtful; taking time to maximize your organization’s potential damage and their payoff.
After achieving root access, the bad guys explore your network reading email, finding data troves and once they know you, they craft a plan to cause the most panic, pain, and operational disruption. Ransomware has gone nuclear.