HHS puts extra cyber protections in place amid coronavirus pandemic

The US Department of Health and Human Services (HHS) says it “remains fully operational” after apparently being hit by an attempted distributed denial-of-service (DDoS) attack on March 15.

“On Sunday, we became aware of a significant increase in activity on HHS cyber infrastructure and are fully operational as we actively investigate the matter,” said Caitlin Oakley, HHS spokesperson, in a statement obtained by The Daily Swig.

“Early on while preparing and responding to Covid-19, HHS put extra protections in place. We are coordinating with federal law enforcement and remain vigilant and focused on ensuring the integrity of our IT infrastructure.”

US officials suspect that the effort to overload the HHS.gov website, which has witnessed a spike in traffic as anxious citizens seek information about the Covid-19 outbreak, is part of a two-pronged campaign to disrupt the flow of accurate information and disseminate disinformation about the coronavirus crisis.

The National Security Council issued a tweet in the early hours of Monday (March 16) quashing rumors of a nationwide quarantine.

“Text message rumors of a national #quarantine are FAKE,” it said. “There is no national lockdown.”

Bloomberg, which broke the story later that day, said the message was prompted by a disinformation campaign – conducted via text, email, and social media – warning that the “president will order a two week mandatory quarantine for the nation”.

Bloomberg reported that officials believed the message was connected to the HHS cyber-attack.

Motives unknown

In a White House briefing on the coronavirus crisis on Monday afternoon, HHS Secretary Alex Azar insisted there had no been no “penetration” or “degradation of the functioning of our networks”.

Officials suspect that nation-state threat actors were behind the attempted DDoS attack, but the White House hasn’t pointed fingers yet, Bloomberg also reported.

Jonathan Knudsen, senior security strategist at Synopsys, said the attack served as a “reminder that software is a piece of critical infrastructure, just as much as healthcare, power, water, and the other sectors.

“Software is part of the fabric of society that many of us take for granted,” he added.

“While the motives and the perpetrator of the attack remain unknown, the episode highlights the necessity for all organisations to practice good cyber security practices to minimise risk of disruption or interruption of services.”

Cybercriminals routinely exploit major crises for nefarious ends and the Covid-19 outbreak has proven no different.

Various health agencies have been targeted in large-scale phishing campaigns that set out to exploit the hunger for Coronavirus-related information, including US health authority The CDC and the World Health Organization.

Sophos Labs has also revealed a surge in domain registrations including ‘covid’ or ‘corona’ in the URI path.

RELATED Princess Cruises: Shipping company caught in coronavirus epidemic discloses data breach impacting guests and crew