Several Czech hospitals reported unsuccessful cyberattacks on their computer systems on April 17, according to a statement from the health ministry. The ministry is now co-operating with the cyber department of the National Headquarters Against Organised Crime and the National Office for Cyber and Information Security (NUKIB) to identify the source.
“We know that there have been several attempts; fortunately they were blocked. There is not a major problem at the moment, but the risk is really very significant,” said Health Minister Adam Vojtech, adding that it cannot be ruled out that the attacks will not continue in the coming days.
NUKIB published a warning with the level of High (likely or very likely threat), according to which these attacks can have serious implications for the availability, confidentiality and integrity of important information and communication systems of Czech key infrastructure.
“According to the information available to us, we have a reasonable concern about the real threat of [further] serious cyber-attacks on major targets in the Czech Republic, especially on healthcare systems,” stated NUKIB director Karel Rehka, adding that the preparatory phase of the next cyberattacks was already under way, especially through a spear phishing campaign.
“According to our telemetry, the data that we see in our systems and the information that NUKIB has published, it is a malware called coviper,” commented technical director of Eset Miroslav Dvorak.
“We take NUKIB warnings very seriously; thus we immediately sent this information to healthcare providers, including what steps their IT professionals should undertake immediately. Cyber-security is a priority for us. We are in contact with NUKIB and we will monitor the situation,” Vojtech added.
Also, Prague Airport reported it thwarted several cyberattacks on its IT networks in the last few days, according to the airport spokesperson, Katerina Pavlikova, as reported by the Czech News Agency.
“Attempted attacks on web pages of the airport were detected in preparatory phases,” Pavlikova said, quoted by Reuters. “That prevented their spreading and all further phases that could have followed and potentially harm the company.”
Reuters also reported that US Secretary of State Mike Pompeo said on April 17 the US was concerned by the threat of a cyberattack against the Czech Republic’s healthcare sector, stressing that anybody engaged in such activity should “expect consequences”.