Get All Access for $5/mo

Amid Pandemic, Microsoft Alerts Dozens of Hospitals Vulnerable to Ransomware Threat Microsoft said it warned 'several dozens of hospitals' about vulnerabilities in their networks that could be used to deliver ransomware to their IT systems.

By Michael Kan Edited by Frances Dodds

This story originally appeared on PC Mag

Tayfun Coskun/Anadolu Agency/Getty Images via PC Mag

As doctors care for the sick during the coronavirus pandemic, Microsoft is trying to protect their hospitals from ransomware attacks.

On Wednesday, Microsoft said it warned "several dozens of hospitals" about software vulnerabilities in the online systems they use. The company is concerned hackers could end up exploiting the same flaws to deliver ransomware to hospital computers.

"To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular vulnerabilities and others," the company wrote in the blog post.

The vulnerabilities Microsoft is worried about deal with network devices, including gateways and VPN servers. Hospitals use these systems so that workers can securely log in and access the local healthcare network and applications.

Unfortunately, the same devices can contain vulnerabilities, making them attractive targets for hackers. One notorious group known as REvil has been doing just that by preying on flaws in vulnerable VPN servers to steal passwords, which can then be used to infiltrate an organization's IT infrastructure.

Not helping the matter is how many healthcare providers also use outdated software, such as Windows 7 and Windows XP. This can make them even more vulnerable to attack.

Microsoft didn't say how it learned which hospitals were susceptible to REvil's attacks. But the company has been tracking the group's activities, and fears hospitals will fall prey to them, which could put lives at stake in light of the ongoing pandemic. "Now more than ever, hospitals need protecting from attacks that can prevent access to critical systems, cause downtime, or steal sensitive information," the company added.

Ransomware is particularly problematic because the attacks can encrypt entire fleets of computers, effectively shutting them down. To free them, the victims have to pay a ransom, which in some cases can reach six figures or more.

Whether the affected hospitals heeded Microsoft's warnings remains unclear. But the company's blog post does contain tips on helping both hospitals and businesses protect themselves from potential ransomware attacks.

Some of Microsoft's employees are also part of a newly-announced coalition of 360 security researchers, who've banded together to protect hospitals from cyber attacks during the pandemic. According to Reuters, the group has already dismantled one campaign that was using a software vulnerability to distribute malicious computer code.

Michael Kan

Reporter

Michael has been a PCMag reporter since October 2017. He previously covered tech news in China from 2010 to 2015, before moving to San Francisco to write about cybersecurity.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Business News

These Are the Best Cities for Starting a Business — and Surrounding Yourself With Millionaires

Here are 10 U.S. cities that stand out for entrepreneurship, according to a new report.

Business News

'Let It Go': A Couple Has Spent $400K Suing Disney After Being Banned From the Park's Exclusive 33 Club. Social Media Reactions Have Not Been G-Rated.

After getting banned from the exclusive members-only club for alleged bad behavior, a California couple has spent a fortune trying to get back to paling around with Mickey.

Side Hustle

How a History Student Turned Her Side Hustle Into a Startup That's Raised $7 Million: "People Always Tell Me, 'I Thought I Had to Major In Computer Science to Be an Entrepreneur'"

Audrey Wisch never imagined she'd be one of those kids who dropped out of college to grow her side hustle into a startup. But with the help of AI, her "human-centric" service is scaling up.

Franchise

Taco Bell's New Mountain Dew Baja Blast Gelato Is Causing a Frenzy — But Fans Have One Big Complaint

The company released the dessert to mark the 20th anniversary of the iconic Mountain Dew Baja Blast, which has garnered a cult-like following since its debut in 2004.

Science & Technology

AI for the Underdog — Here's How Small Businesses Can Thrive With Artificial Intelligence

How small businesses can harness the power of AI to streamline operations, enhance customer experiences and drive growth.