Cyberattack Against U.S. Health Agency Aims to Slow Covid-19 Response
There's nothing like a common enemy to bring people together. Even people with philosophical differences.
Right now, the world has a common enemy. It's COVID-19. As you know, this pandemic has ravaged the world.
Now, I don't expect hostile nations to suddenly become friends. It does seem, however, that cooperation is in order to defeat this foe.
But an incident last week shows cooperation is the last thing on some people's minds.
An Unknown Culprit
A cyberattack was carried out against the U.S. Health and Human Services Department (HHS). The Bloomberg news service broke the story.
It was called a campaign of disruption and disinformation. One that aimed at undermining the response to the coronavirus pandemic. The attack was a "distributed denial of service" (DDOS). A DDOS uses automated users (bots) to overwhelm a system.
So far, it is not known who is responsible. The U.S. government suspects a foreign actor. Analysts are trying to determine the origin of the attack.
John Ullyot is a spokesperson for the National Security Council (NSC). He said, "HHS and federal government cybersecurity professionals are continuously monitoring. And taking appropriate actions to secure our federal networks.
"HHS and federal networks are functioning normally at this time."
'Extremely Strong Barriers'
It's assumed that whoever launched the cyberattack was trying to disrupt America's response to the health crisis.
The attack was not particularly sophisticated. It involved overloading the HHS servers with millions of requests for several hours.
HHS Secretary Alex Azar said this about the attack. "We have extremely strong barriers. We had no penetration into our networks. We had no degradation of the functioning of our networks.
"We had no limitation on the ability or capacity of our people to telework. And we've taken very strong defensive actions."
Reassuring the Public
Spokesperson Caitlin Oakley said HHS was "coordinating with federal law enforcement." She added that HHS would "remain vigilant and focused on ensuring the integrity of our IT infrastructure."
Oakley also said this to Business Insider. "HHS has an infrastructure with risk-based security controls continuously monitored. In order to detect and address cybersecurity threats and vulnerabilities.
"Early on while preparing and responding to COVID-19, HHS put extra protections in place."
Azar said he does not want to speculate about the source of the attacks. But he assured Americans that no data breach occurred.
A Related Text Message?
U.S. officials believe that a text message from an unknown sender may have been related to the cyberattack.
The message sender said the president would order a two-week mandatory quarantine for the nation.
The NSC responded with a tweet warning about fake text messages. President Donald Trump did not order such a quarantine. But he did warn against gathering in groups of more than 10 people. And against going to restaurants and bars.
Investigating the situation is General Paul Nakasone. He leads the National Security Agency and U.S. Cyber Command.
On the Lookout for More
Sara Sendek is a spokesperson for the Cybersecurity and Infrastructure Protection Agency (CISA). That's the cyber agency at HHS.
She told The Hill that CISA "has taken a number of steps over the last several weeks." For the purpose of increasing "cybersecurity preparedness across federal civilian agencies."
That includes enhanced monitoring and issuing recommendations as agencies shift to telework. As well as identifying and protecting particularly important systems supporting coronavirus response efforts.
"We're confident that the measures we've all put into place are sufficient," Sendek added. "We will stay on the lookout for and defend against malicious activity."
HHS a Major Player in the Fight
The type of cyberattack that occurred is common. It is very unusual for an overload type of attack to crash a government site.
But the fact that it was directed at HHS during a national health emergency is significant.
HHS is a key player in the federal response to the coronavirus. There may have been multiple hacking attacks with the goal of slowing down the system.
Much of the world is currently united in trying to halt the spread of the virus. But these types of attacks may increase.
Senator Wants 'Consequences'
Americans "should expect an increase in cyberattacks and stay vigilant." That's according to Senator Ben Sasse of Nebraska.
He is also a member of the Senate Intelligence Committee. Although the attacks appear to have been unsuccessful, he wants the perpetrator to pay for it.
"Here's the reality of the 21st century conflict," he said. "Cyberattacks are massive weapons to kick opponents when they're down.
"There need to be consequences for these kinds of attacks. We can't take our eye off the ball."
John Cohen agrees. He's a former acting Undersecretary of the Department of Homeland Security.
Here's what he told NBC News. "As federal, state and local governments focus on handling the current public health crisis, national security officials are also tracking other threats.
"In particular, those posed by terrorist or extremist groups and foreign adversaries."
He said those enemies may seek to take advantage of the attention being focused on the coronavirus by conducting attacks.