The Washington PostDemocracy Dies in Darkness

The Cybersecurity 202: Security pros form alliance to help hospitals facing hacking threats during pandemic

Placeholder while article actions load

with Tonya Riley

Cybersecurity companies and professionals are banding together to offer free digital defenses to hospitals that are being pummeled with digital attacks during the coronavirus pandemic. 

The group, which calls itself the Cyber Alliance to Defend our Healthcare, struck deals with 87 hospitals and four national health-care services in Europe over the past month. Organizers hope to make similar arrangements with numerous U.S. hospitals this month, they told me. 

The effort could be a lifeline as criminals take advantage of coronavirus to lock hospital employees out of their computer systems in exchange for ransoms. They're especially dire – and lucrative – during the pandemic since hospitals can’t afford to be booted out of their systems for any length of time. 

“This becomes a matter of life and death because hospitals have their IT systems locked down, sometimes medical devices, too, and can’t function,” André Pienaar, founder of C5 Capital, a cybersecurity-focused investment firm that launched the alliance, told me. 

The alliance also plans to offer cybersecurity help to labs working on coronavirus treatments and vaccines. 

That’s partly to prevent their work being slowed by disruptive attacks and to ensure the work isn’t stolen by hackers in adversary nations that want to manufacture copycat treatments or to get a leg up on innovation.

Protecting that intellectual property is crucial because that’s the future of our health-care community,” retired Gen. Keith Alexander, former U.S. Cyber Command chief, told me. 

Alexander’s company IronNet Cybersecurity is one of about 20 companies that are offering free protections through the health-care alliance so far. Pienaar hopes to significantly raise that number as more U.S. hospitals sign up for help, he told me. 

The alliance is yet another example of volunteers stepping in to help a vital industry in which cybersecurity protections haven’t kept pace with a boom in threats. 

It may get help from another volunteer cybersecurity protection group, called the Cyber Threat Intelligence League, which has focused mostly on taking down the digital infrastructure hackers are using to target health-care systems during the pandemic and identifying common security bugs that hospitals should patch.

And cybersecurity pros in the United States launched an initiative called Defending Digital Campaigns last year to offer free and reduced-price help to political campaigns that are being targeted by Russia and other U.S. adversaries. 

Hospitals are far more sophisticated when it comes to protecting themselves online than bootstrap political campaigns, said Ron Gula, a cybersecurity investor who helped fund the election effort and is helping recruit companies to join the health-care alliance. 

Still, hospitals are still ill-prepared for the volley of attacks they’re facing now. 

“They just got hit with a huge [coronavirus] crisis and they’re down manpower. So, there’s a… lack of focus on these critical [cybersecurity] issues,” Gula told me.

There’s no hard data about how much hacking against hospitals has increased during the pandemic, but the FBI and Interpol have both described significant spikes. And cybersecurity pros warn the threat is likely to continue as long as the pandemic lasts.

The alliance also plans to work directly with hospitals, advising their IT staffs on better ways to protect themselves. And the group plans to publish lists of big-picture cybersecurity recommendations for hospitals to follow. 

A lot of that work will be done on a volunteer basis by security pros at member companies, Pienaar said. 

“Many [chief cybersecurity officials] in health-care institutions have not seen this scale of cyberattacks. Many of them are overworked and overstretched. So, the alliance is going to be giving a lot of advice on a daily and weekly basis,” Pienaar said. 

They’re also hoping their work to improve hospitals’ cybersecurity protections now will make them better prepared for future threats. 

The health-care sector has broadly improved its digital protections in recent years and grown better at sharing information about threats so that it’s easier to defend against them. But it has lagged other sectors, such as financial services, that have far more mature systems for jointly combating hacking. 

There is no air traffic control picture for health care,” Alexander said. “The software that we're putting on the table says, 'Let's build together a comprehensive picture of what's hitting the sector' … I believe that will start to change the way we think about cyber.”

The keys

A Democratic-aligned group will use technology developed to fight Islamic State propaganda to combat Trump’s coronavirus claims on social media.

The political action committee called Defeat Disinfo will use artificial intelligence and network analysis to map the president’s posts. It will then enlist a network of over 3 million influencers — some of whom are paidto combat the narrative, Isaac Stanley-Becker reports

Defeat Disinfo is an extension of the company Main Street One, which ran similar efforts to counter Russian propaganda in Eastern Europe. The firm’s founder, Curtis Houghland, received Pentagon funding to develop the technology, which was first aimed at combating Islamic extremist messaging on social media. 

Houghland says Democrats are ill-prepared to stand up against a grass-roots digital army that continues to back Trump's handling of the pandemic. He cited the surge in tweets defending Trump's suggestion that disinfectants could cure the coronavirus, which he says was led primarily by four accounts that support the president.

Republicans have greater volume frequency and quality of the digital narrative, he said.

Trump ordered new restrictions on imports in the electricity sector, citing hacking dangers.

The order authorizes the Energy Department to prohibit U.S. power companies from using equipment supplied by adversaries that might attack U.S. energy infrastructure, Timothy Gardner at Reuters reports. 

The danger of such hacks represents a national emergency, the order says. It describes “foreign adversaries [that] are increasingly creating and exploiting vulnerabilities in the United States bulk-power system, which provides the electricity that supports our national defense, vital emergency services, critical infrastructure, economy, and way of life.”

The order doesn't specify nations whose companies might be banned from U.S. electricity systems. But the Trump administration accused Russia in 2018 of launching digital attacks against the U.S. power grid dating back at least two years. The Kremlin was also widely blamed for a cyberattack that disrupted the Ukrainian grid in 2015. 

The order will “greatly diminish the ability of foreign adversaries to target our critical electric infrastructure,” Energy Secretary Dan Brouillette said in a statement.

A security lapse exposed millions of records collected by a coronavirus symptom checking app in India.

The tool, launched by Indian telecommunications company Jio, recorded users' age, gender and in some cases location, Zack Whittaker at TechCrunch reports.

The lapse is sure to bolster privacy critics' concerns that companies are launching technology to help combat the coronavirus without adequate security and privacy protections. 

A security researcher found the exposed database May 1. It had been visible online without a password for roughly two weeks, and it's unclear who may have accessed it. Jio took the unsecured system offline after TechCrunch contacted the company.

The report comes amid a global surge in coronavirus tracking. At least 27 countries are using cellphone data to track citizen movements during the pandemic, Kareem Fahim, Min Joo Kim and Steve Hendrix report.

Industry report

The government contractor ManTech is announcing a new virtual training system today that will simulate cyberattacks against satellites and other space systems. 

The system, which is called a cyber range, will model an array of digital dangers, according to a preview shared exclusively with The Cybersecurity 202. Examples include hackers spying on data transmitted from satellites, disrupting GPS and other space-based systems to undermine military and industrial operations and altering satellites’ orbits to use them as missiles. 

Cyber ranges are increasingly common in the military and industry but typically model cyberattacks against a broad range of technologies rather than focusing on a specialized category.

“Space is woven through our entire infrastructure today, Damian DiPippa, general manager of ManTech's Mission and Intelligence Solutions Business Unit, told me. “If space assets were degraded or spoofed or brought down altogether that would great impact all other industry sectors.”

ManTech expects to contract use of the system to government agencies and companies that will use it to train security workers and to test out the security of their space-based systems by simulating attacks against them. 

More news on the convergence of cybersecurity and space:

Space Is Cybersecurity's New Frontier (Signal Magazine)

Securing the ballot

A precedent set by Wisconsin’s chaotic primary could help mail-voting efforts in November.

Because of a U.S. Supreme Court ruling, Wisconsin election officials counted tens of thousands of ballots that arrived after Election Day but were postmarked before it. And Democrats want that to be a precedent for other states that will dramatically expand their mail-voting programs in November as they continue to battle the pandemic, Amy Gardner, Dan Simmons and Robert Barnes report

The ruling could mark a late victory for Democrats who lost a battle with Republicans to delay the Wisconsin primary, resulting in thousands of people requesting mail ballots but not receiving them in time and blocks-long lines outside polling places that may have contributed to more than 50 coronavirus infections. Their hope is that less restrictive rules will boost mail-voting among Democrats wary of visiting the polls in person.

Privacy patch

Zoom isn't the only videoconferencing software raising privacy red flags.

Microsoft, Cisco and Google all retain the right to store user data from videoconferencing sessions and could use it to create customer profiles or even to train facial recognition systems, Consumer Reports found.

From a privacy point of view, none of these options are great, said Bill Fitzgerald, a privacy researcher in Consumer Reports' Digital Lab.

Consumer Reports sent a letter to the companies calling on them to enhance privacy protections, including giving users the option to delete data collected about them, and to make the policies easier for users to understand.

Global cyberspace

Privacy experts are slamming the Australian government after a breach revealed the personal data of over 700,000 migrants.

The breach of the Home Affairs Department's “SkillSelect” platform revealed the age, birth country and application outcome of migrants as far back as 2014, Paul Karp at the Guardian reports. It comes as the Australian government is asking citizens to share their locations and other sensitive data to combat the coronavirus pandemic.

More international cybersecurity news:

French company Tarkett hit by cyberattack, shares fall (Reuters)

Indonesia's Tokopedia probes alleged data leak of 91 million users (Reuters)

Chat room

Want to make password security fun for the kids (or maybe your parents)? Web developer Jarrod Overson has tips:


  • The House Intelligence Committee will host a hearing on the nomination of John Ratcliffe as director of national intelligence on Tuesday at 9:30 a.m.
  • The Cyberspace Solarium Commission will host a virtual forum on  from 11 a.m. to 12 p.m.

Secure log off

Here's why contact tracing is vital to combating the pandemic. 

To contain the spread of coronavirus, contact tracing is key. But doing it effectively will take an army of people that need to be hired and trained. (Video: The Washington Post, Photo: Daron Taylor/The Washington Post)