The U.S Department of Health and Human Services suffered a multi-pronged cyber-attack late yesterday. The attacks come amidst the department’s efforts to curb or otherwise combat the global coronavirus pandemic. The perpetrators did not target any sensitive data and have not been identified as of yet.
The department works to protect the health of all Americans, a task of special importance in the current climate. The Centers for Disease Control and Prevention (CDC) operates under the Health and Human Services department.
The Health and Human Services cyber-attack resembled a DDoS in that it aimed to slow down the response to the coronavirus. Additionally, it looked to spread misinformation by spreading rumors of an upcoming national lockdown to halt the spread of the virus. The National Security Council was forced to send a response tweet to combat the misinformation: “Text message rumors of a national #quarantine are FAKE. There is no national lockdown. @CDCgov has and will continue to post the latest guidance on #COVID19.”
Officials would not comment on the Health and Human Services cyber-attack. However, we did gather some commentary from independent cybersecurity experts.
Adam Laub, Chief Marketing Officer at Stealthbits, shared his thoughts. “What’s particularly disturbing about this latest incident at the U.S. Health and Human Services Department is that the intent of the attack appears to be driven entirely by malice, seeking only to prevent the men and women trying desperately to protect millions of American citizens from harm from doing their jobs, as well as spread false information in order to generate more panic and uncertainty. No mention of stolen data or compromised credentials. Just DDoS style attacks aimed at bringing down critical infrastructure. It’s among the more cowardly acts we’ve seen lately, especially when compared to the heroic efforts of scientists, doctors, nurses, law enforcement and other front-liners across the world.”
Learn more about preventing cyber-attacks here.
- More Expert Commentary and Coverage of the GetHealth Exposure - September 14, 2021
- GetHealth Platform Misconfiguration Exposes 61 Million Fitness-Tracking Records - September 13, 2021
- Panther Labs Releases State of SIEM 2021 Report - September 13, 2021