How would you punish someone who hacks hospitals amid a global epidemic?

Photo: Illustration/Pixabay

Hackers are using banking malware to steal information and attack the IT infrastructure of several Hungarian healthcare institutions. The COVID-19-themed emails seem legitimate at first, as if they have been sent by the institutions, but they contain the dangerous banking Trojan.

Hvg reports that cyberhackers are attacking the IT infrastructure of several Hungarian healthcare institutions, warns the National Cyber Defence Institute (NKI). The criminals are using emails that claim to contain useful information about what to do during COVID-19.

The National Cyber Defense Institute is an event management centre dealing with cyber-attacks and threats in Hungary. They are part of the Hungarian National Security Service (NSC). They are the national contact point for coordinating high-impact cyber incidents within the European Union, receiving incident reports and sending them to international partner organisations.

The emails are sent in the name of the National Healthcare Service Centre and the county and teaching hospitals of Szabolcs-Szatmár-Bereg County. The emails usually include a subject and one or more attachments claiming to contain information about COVID-19 procedures. These mails aim to convince the receiver to open the attachments which contain a banking Trojan, a malware called Emotet.

What is Emotet?

Emotet was originally designed as a banking malware that sneaks onto your computer and steals banking data, but newer versions are equipped to steal private information or install viruses used for cyber blackmailing. It is a Trojan that is primarily spread through spam emails. The infection may arrive either via a malicious script, macro-enabled document files, or a malicious link. Emotet emails may contain familiar branding designed to look like a legitimate email.

In this case, the emails look just like the ones sent by the real Hungarian healthcare institutions and even include references to previous emails to trick people into opening their attachments. Beware, as the email body and even the signature at the end usually look legitimate.

It is not known how many institutions received such letters and whether these cyber-attacks had any consequences so far.