Report: US Health and Human Services department hit by cyberattack amidst coronavirus fears
The Sunday cybersecurity attack was designed to slow down the agency’s systems as it tries to grapple with the spread of COVID-19.
The U.S Department of Health and Human Services was the victim of a cyberattack on Sunday as the federal government attempts to deal with the coronavirus crisis, according to a report from Bloomberg. Citing three people familiar with the matter who wished to remain anonymous, Bloomberg said that the attack was intended to slow down the agency’s servers by overloading them with millions of hits over a period of several hours.
Just before midnight after the attack, the Nation Security Agency posted the following tweet: “Text message rumors of a national #quarantine are FAKE. There is no national lockdown. @CDCgov has and will continue to post the latest guidance on #COVID19. #coronavirus”
The tweet was related to the hacking and to the release of disinformation after the government learned of the cyberattack and the circulation of false information, one of the sources told Bloomberg. As such, the tweet was partly intended to respond to the hacking, which involved multiple incidents. Secretary of State Michael Pompeo and other Trump administration officials are aware of the incident, one of the sources added.
SEE: Coronavirus having major effect on tech industry beyond supply chain delays (free PDF) (TechRepublic)
The attack didn’t appear to actually slow down HHS’ systems in any “meaningful way,” according to the report, nor does it appear as if the hackers stole any data. Further, HHS officials assume the attack was carried out by a hostile foreign actor, though there is no proof of that at this point. Paul Nakasone, who heads the National Security Agency and U.S. Cyber Command, is looking into the situation, one of the sources told Bloomberg.
The HHS did not immediately respond to a request for comment.
As the coronavirus outbreak ramps up, hackers and cybercriminals have been taking advantage of the crisis for their own malicious reasons. Cybercriminals have been discovered spreading malware through emails and links related to the coronavirus. Phishing emails claiming to be from the Centers for Disease Control and Prevention and the World Health Organization have arisen in an attempt to steal email credentials and other sensitive information.
The UK’s National Cyber Security Centre (NCSC) has issued warnings about criminals exploiting the coronavirus through phishing emails, malware, and other threats.
Image: z1b, Getty Images/iStockphoto