The company's new report highlights the threats facing healthcare institutions by both criminal and nation state-backed actors.
A significant boost in cyber activities in 2020 from both criminal and nation state actors was primarily driven by attempts to extort the healthcare industry as well as acquire information related to the coronavirus and possible vaccines, according to a new Crowdstrike report.
"There's a couple major themes we saw throughout the last year: the most dominant feature I think is obviously COVID. The impact that COVID had in the cyber domain was absolutely mind boggling," Adam Meyers, senior vice president of intelligence at Crowdstrike, told FCW.
The company's "2021 Global Threat Report" outlines activities throughout 2020 by hacking campaigns and other threat actors spanning across 10 different countries as well as groups categorized as being motivated by "eCrime" or hacktivism.
"In the early days of the pandemic, objectives for targeted intrusion actors may have included acquiring information on infection rates or country-level responses to the treatment of COVID-19," according to the report. "The search for a vaccine became of paramount importance, and the scientific information that could lead to a vaccine for COVID-19 was a high-priority collection requirement for many targeted intrusion adversaries."
Meyers noted that early in 2020, there was a noticeable uptick in activity from Vietnam targeting health agencies in China looking for information about the coronavirus. Those activities preceded lockdowns and other precautions to guard against COVID-19 weeks before other countries had begun enforcing similar measures. The relatively lower infection and mortality rates in Vietnam, which shares a border with China, reflect those early precautions, Meyers said.
The company also found a noticeable spike in ransomware cases being used against healthcare facilities.
"CrowdStrike Intelligence confirmed that 18 ransomware families infected 104 healthcare organizations in 2020," the report states.
Ransomware attacks against the medical industry have become particularly controversial in recent months as the coronavirus proliferated. Some hacking campaigns have pledged not to target hospitals or to provide decryption keys if a medical facility is accidentally swept up in an attack.