As the U.S. ramped up its response to the coronavirus
pandemic, a cyberattack on the Health and Human Services (HHS) Sunday night
aimed to slow down the agency’s computer systems.
The initiative didn’t make much of an impact. “Luckily it slowed, but didn’t break or compromise anything,” said
Marty Puranik, CEO of Atlantic.Net.
The attack “spread serious misinformation regarding a national quarantine, sending many officials and the public into a panic,” said Rui Lopes, engineering and technical support director at Panda Security.
“The ability to disrupt systems and
increase public misinformation are viable threats while we are all adjusting to
societal changes,” said Jack Mannino, CEO at nVisium. “Eroding trust in our
systems during a crisis is a perfect way to cause increased chaos.”
That kind of disruption is often a hallmark of nation-state
actors. But Rick Holland, CISO, vice president of
strategy at Digital Shadows warned against jumping to the conclusion that the attack
was affiliated with a nation state. “Incident response takes time, and as this
just occurred last night, more time for investigations will be required,”
Holland said. “Based on reporting, this appears to be some sort of denial of
service attack and the barrier to entry for DOS attacks are low.”
The coronavirus pandemic has ratcheted up
fear among the populace and put stress on cybersecurity schemes, making them
vulnerable to opportunistic and nimble bad actors. “Organized groups are likely
empowered by the situation and will want to take advantage of it,” said Thomas
Hatch, CTO and cofounder of SaltStack. “They can attack specific services,
particularly financial institutions because of the overall distracted nature of
It’s also too early to tell whether the
attack will be an isolated one or “a precursor for a larger attack that may
result in data access and or exfiltration,” said Stephen Boyce, Principal
Consultant at the Crypsis Group.
“The most prominent targets of such
attacks are institutions that are providing information to the public regarding
COVID-19,” including local, state, federal, and tribal government agencies,
media outlets, pharmaceuticals companies, and healthcare industries, said Boyce.
“We should expect more DDoS attacks on the institutions mentioned above and an
increase in spear-phishing attacks as well.”