Global Cybersecurity League Formed to Fight Hospital Ransomware

Published at: April 2, 2020

A crack team of cybersecurity experts in 65 countries has come together to combat ransomware attacks on hospitals during the coronavirus crisis.

Calling themselves the COVID-19 CTI League the community of experts aims to protect the technological infrastructure of front-line medical resources from cyberattacks.

Hospitals around the world have seen a big increase in cyberattacks over the past year, in which critical IT systems are encrypted with malware. Gangs demand a Bitcoin ransom in return for the decryption key. Hospitals are often seen as soft targets, due to ageing IT infrastructure and a willingness to pay due to the critical nature of their work.

Cointelegraph reported on March 30 that Ryuk ransomware continues to target hospitals and healthcare providers based in the United States.

Fighting against cyber attacks during the pandemic

The founder of the project, Ohad Zaidenberg, is based in Israel, while other members of the management team include Nate Warfield, Chris Mills, and Marc Rogers, who are based in the United States.

Zaidenberg told Cointelegraph the League now has collaborators around the globe and that protecting hospitals was a critical need at this time:

“Since the coronavirus crisis came out, I understood that attacking against the medical sector is a game-changer that can cause death. I decided to create a community of cybersecurity experts that want to spend their free time and to use their abilities to protect the medical sector. With my friends in the management team, we prove the real power of the infosec community. It gave us so much power to keep doing our job — to save a life.”

Cryptocurrencies and ransomware attacks

Earlier this month cybersecurity firm Emsisoft and incident response company Coveware also announced an initiative offering free ransomware decryption tools and assistance to health care providers in the event of an attack.

The Emsisoft company blog implored ransomware crews to think twice before attacking healthcare organizations.

“Make no mistake, an attack on a healthcare organization will have negative outcomes and may result in the loss of life. We ask for your empathy and cooperation. Please do not target healthcare providers during the coming months and, if you target one unintentionally, please provide them with the decryption key at no cost as soon as you possibly can. We’re all in this together, right?”

Tags
Related Posts
Don’t blame crypto for ransomware
Recently, gas has been a hot topic in the news. In the crypto media, it’s been about Ethereum miner’s fees. In the mainstream media, it’s been about good old-fashioned gasoline, including a short-term lack thereof along the East Coast, thanks to an alleged DarkSide ransomware attack on the Colonial Pipeline system, which provides 45% of the East Coast’s supply of diesel, gasoline and jet fuel. In cases of ransomware, we generally see a typical cycle repeat: Initially, the focus is on the attack, the root cause, the fallout and steps organizations can take to avoid attacks in the future. Then, …
Technology / May 30, 2021
Another Free Ransomware Decryptor Released
Malware lab, Emsisoft, released a free decryptor tool on June 4. The tool enables victims to recover files encrypted by Tycoon ransomware attacks without needing to pay the ransom. Researchers from the BlackBerry’s security unit first discovered the ransomware. They stated in TechCrunch that Tycoon uses a Java file format to make it more difficult to detect before deploying its payload that encrypts the files. How does Tycoon work Speaking with Cointelegraph, Brett Callow, threat analyst of Emsisoft, said: “Tycoon is a Java-based, human-operated ransomware that appears to specifically target smaller enterprises and is typically deployed via an attack on …
Technology / June 6, 2020
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic
A cybersecurity expert explained why he is convinced that the promises made by ransomware groups amid the pandemic are irrelevant. Brett Callow — threat analyst at cybersecurity firm Emsisoft — told Cointelegraph that multiple ransomware groups recently made promises to halt their activity against medical organizations amid the coronavirus pandemic. Still, he believes that those promises are irrelevant: “The claims of a ceasefire made by ransomware groups are irrelevant [and] should be completely disregarded. Would you leave your front door unlocked simply because the local burglars had pinky-promised not to rob you? Probably not. The story of the frog and …
Blockchain / April 16, 2020
Deribit hackers move stolen Ether to Tornado Cash crypto mixer
In the aftermath of the $28 million Deribit hack, the unknown exploiter is moving stolen funds using the decentralized cryptocurrency mixer, Tornado Cash. The Deribit hot wallet hacker has transferred a total of 1,610 Ether (ETH), or around $2.5 million, to Tornado Cash, according to data from the Ethereum block explorer Etherscan. The funds were transferred in 17 transactions, with the first outgoing transaction occurring on Nov. 5 —just a few days after Deribit suffered the hack. The amount of funds moved to Tornado Cash is just a fraction of all stolen ETH on the hacker’s address, as its balance …
Blockchain / Nov. 7, 2022
OpenSea serves as an example of why crypto security must improve
In February 2022, OpenSea fell prey to a major phishing attack that resulted in over $1.7 million in nonfungible tokens (NFTs) being stolen from users. It wasn’t the only incident: Blockchain users reportedly lost $3.9 billion to fraudulent activity in 2022 alone. As we entered 2023, there was a chorus of promises to increase security within the crypto space. But, so far, things haven’t significantly changed. Companies that utilize blockchain still aren’t doing enough to prevent scams. If blockchain technology is going to see mass adoption, companies will have to change their approach from the bottom up. By focusing on …
Blockchain / Feb. 3, 2023