You can be on Entrepreneur’s cover!

Amid Pandemic, Microsoft Alerts Dozens of Hospitals Vulnerable to Ransomware Threat Microsoft said it warned 'several dozens of hospitals' about vulnerabilities in their networks that could be used to deliver ransomware to their IT systems.

By Michael Kan

entrepreneur daily

This story originally appeared on PC Mag

Tayfun Coskun/Anadolu Agency/Getty Images via PC Mag

As doctors care for the sick during the coronavirus pandemic, Microsoft is trying to protect their hospitals from ransomware attacks.

On Wednesday, Microsoft said it warned "several dozens of hospitals" about software vulnerabilities in the online systems they use. The company is concerned hackers could end up exploiting the same flaws to deliver ransomware to hospital computers.

"To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular vulnerabilities and others," the company wrote in the blog post.

The vulnerabilities Microsoft is worried about deal with network devices, including gateways and VPN servers. Hospitals use these systems so that workers can securely log in and access the local healthcare network and applications.

Unfortunately, the same devices can contain vulnerabilities, making them attractive targets for hackers. One notorious group known as REvil has been doing just that by preying on flaws in vulnerable VPN servers to steal passwords, which can then be used to infiltrate an organization's IT infrastructure.

Not helping the matter is how many healthcare providers also use outdated software, such as Windows 7 and Windows XP. This can make them even more vulnerable to attack.

Microsoft didn't say how it learned which hospitals were susceptible to REvil's attacks. But the company has been tracking the group's activities, and fears hospitals will fall prey to them, which could put lives at stake in light of the ongoing pandemic. "Now more than ever, hospitals need protecting from attacks that can prevent access to critical systems, cause downtime, or steal sensitive information," the company added.

Ransomware is particularly problematic because the attacks can encrypt entire fleets of computers, effectively shutting them down. To free them, the victims have to pay a ransom, which in some cases can reach six figures or more.

Whether the affected hospitals heeded Microsoft's warnings remains unclear. But the company's blog post does contain tips on helping both hospitals and businesses protect themselves from potential ransomware attacks.

Some of Microsoft's employees are also part of a newly-announced coalition of 360 security researchers, who've banded together to protect hospitals from cyber attacks during the pandemic. According to Reuters, the group has already dismantled one campaign that was using a software vulnerability to distribute malicious computer code.

Michael Kan

Reporter

Michael has been a PCMag reporter since October 2017. He previously covered tech news in China from 2010 to 2015, before moving to San Francisco to write about cybersecurity.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

From Tom Brady to Kevin O'Leary – See Who Lost Big in the Wake of the FTX Crypto Collapse

The crash exposed an $8 billion hole in FTX's accounts, leaving investors and customers scrambling to recoup their funds.

Business News

This Highly-Debated Piece of Cinematic History Just Sold For Over $700,000 at Auction

The wood panel from "Titanic" is often mistaken as a door. Either way, he couldn't have fit. (Sorry.)

Business News

Mark Zuckerberg Says This CEO Is the 'Taylor Swift' of Tech

Meta's CEO posed with Nvidia CEO Jensen Huang on Instagram Wednesday.

Fundraising

Avoid These 9 Pitch Deck Mistakes When Asking Others For Money

Crafting an efficient pitch deck requires serious effort, but at least it's not wandering in the dark since certain rules are shaped by decades of relationships between startups and investors.