Amid Pandemic, Microsoft Alerts Dozens of Hospitals Vulnerable to Ransomware Threat Microsoft said it warned 'several dozens of hospitals' about vulnerabilities in their networks that could be used to deliver ransomware to their IT systems.

By Michael Kan

This story originally appeared on PC Mag

Tayfun Coskun/Anadolu Agency/Getty Images via PC Mag

As doctors care for the sick during the coronavirus pandemic, Microsoft is trying to protect their hospitals from ransomware attacks.

On Wednesday, Microsoft said it warned "several dozens of hospitals" about software vulnerabilities in the online systems they use. The company is concerned hackers could end up exploiting the same flaws to deliver ransomware to hospital computers.

"To help these hospitals, many already inundated with patients, we sent out a first-of-its-kind targeted notification with important information about the vulnerabilities, how attackers can take advantage of them, and a strong recommendation to apply security updates that will protect them from exploits of these particular vulnerabilities and others," the company wrote in the blog post.

The vulnerabilities Microsoft is worried about deal with network devices, including gateways and VPN servers. Hospitals use these systems so that workers can securely log in and access the local healthcare network and applications.

Unfortunately, the same devices can contain vulnerabilities, making them attractive targets for hackers. One notorious group known as REvil has been doing just that by preying on flaws in vulnerable VPN servers to steal passwords, which can then be used to infiltrate an organization's IT infrastructure.

Not helping the matter is how many healthcare providers also use outdated software, such as Windows 7 and Windows XP. This can make them even more vulnerable to attack.

Microsoft didn't say how it learned which hospitals were susceptible to REvil's attacks. But the company has been tracking the group's activities, and fears hospitals will fall prey to them, which could put lives at stake in light of the ongoing pandemic. "Now more than ever, hospitals need protecting from attacks that can prevent access to critical systems, cause downtime, or steal sensitive information," the company added.

Ransomware is particularly problematic because the attacks can encrypt entire fleets of computers, effectively shutting them down. To free them, the victims have to pay a ransom, which in some cases can reach six figures or more.

Whether the affected hospitals heeded Microsoft's warnings remains unclear. But the company's blog post does contain tips on helping both hospitals and businesses protect themselves from potential ransomware attacks.

Some of Microsoft's employees are also part of a newly-announced coalition of 360 security researchers, who've banded together to protect hospitals from cyber attacks during the pandemic. According to Reuters, the group has already dismantled one campaign that was using a software vulnerability to distribute malicious computer code.

Michael Kan

Reporter

Michael has been a PCMag reporter since October 2017. He previously covered tech news in China from 2010 to 2015, before moving to San Francisco to write about cybersecurity.

Editor's Pick

Related Topics

Business News

Katy Perry Is Fighting the Founder of 1-800-Flowers for a $15 Million California Mansion He Doesn't Want to Sell Her

The eight-bedroom, 11-bathroom estate sits on nearly nine acres in the Santa Ynez foothills in Montecito.

Business News

Jeff Bezos Lost $5 Billion in 1 Day After Amazon FTC Lawsuit News

The lawsuit accuses Amazon of engaging in anticompetitive practices, which has led to a sharp decline in the company's stock value and a substantial reduction in Bezos's net worth.

Growing a Business

Want to Sound Smarter? This Stanford Professor's Simple 3-Point Technique Will Help

With a little structure, you can impress audiences with your ad-libbing all day.

Living

Don't Make This 'Crazy' Common Mistake in Your Home Office Setup, Warns an Interior Designer Behind Million-Dollar Renovations

Ali Budd, president and creative director of Ali Budd Interiors, talks what's important in an office — and what isn't.