Romanian authorities said Friday they had disrupted a cybercriminal group that planned to conduct ransomware attacks on hospitals in the country.
The hackers intended to pose as government officials and send malicious emails to public health institutions that purported to contain information on the coronavirus, according to the Directorate for Investigating Organized Crime and Terrorism (DIICOT), one of Romania’s top law enforcement agencies. Such ransomware attacks could disrupt the IT systems of hospitals, DIICOT said.
But before that could happen, police and security officials said they searched the suspects’ properties in Romania and neighboring Moldova. All four suspects were arrested, ZDNet reported.
The hackers planned to threaten hospitals to protest Romania’s state of emergency, which has restricted public gatherings during the COVID-19 pandemic, according to Romanian news outlet Stirile Pro Tv.
The threat of attacking hospitals would be a much more serious crime than the website defacements and other low-skill digital mischief usually associated with the Romanian hacking group, known as Pentaguard. According to Romanian authorities, the hackers sought to use ransomware related to Locky or Bad Rabbit, strains of code that originated in Eastern Europe and have plagued multiple organizations in recent years.
The incident in Romania is the latest example of how hackers have targeted health care organizations as coronavirus spreads around the world.
After unidentified hackers disrupted the IT systems of the Czech Republic’s second largest hospital in March, governments and international bodies warned of the threat to public health. Interpol said it had “detected a significant increase in the number of attempted ransomware attacks against key organizations and infrastructure engaged in the virus response.” Governments, including the U.S. and its allies, have condemned the cyberattacks on the health care sector, which have nonetheless continued.
Cybersecurity professionals around the world have responded by volunteering their time to try to fend off hacking against medical organizations.