Microsoft has first of its kind issued a notification early today that various hospitals operating across the world are vulnerable to Ransomware attacks as the VPNs and Gateways used by the healthcare providers are exposed to several hacking units.
“As the bad guys are consistently scanning for vulnerable endpoints, most of the VPNs are on target of those spreading ransomware- especially Revil(Sodinokibi). And the demand for virtual private networks has increased these days as most of the employees are working from home”, says the Microsoft statement.
Microsoft report highlights the fact that those spreading Sodinokibi are seen restructuring their malware infrastructure to double the outcome. And they are seeing healthcare organizations as soft targets to mint high revenue.
This attack is different from the regular commodity ransomware as attackers are seen performing specialized scans to identify security weaknesses as soon as they infiltrate the network says Microsoft.
Adding to this pain is the use of outdated systems and software such as Windows 7 and Windows XP systems by healthcare providers.
As of now, Microsoft did not specify the hospital names whose VPNs and gateways were susceptible to ransomware attacks. But it specified in its statement that hackers might target these systems any time and block access to critical systems, cause downtime and steal sensitive information.
Note- A Ransomware is file-encrypting malware that locks down a database until a ransom is paid in Cryptocurrency like BTC and Monero. And sometimes the ransom figure can reach a 6 digit number- say millions.