author photo
By Clare O’Gara
Mon | May 18, 2020 | 5:30 AM PDT

It's always discouraging when hackers target the organizations that the world needs most.

This is particularly tragic during the COVID-19 crisis, with the rise in cyberattacks against the healthcare industry, the people working hardest to keep us safe.

One bright spot, however, is when these criminals are brought to justice.

Romania cracks down on cybercrime group

They called themselves "Pentaguard." The group of four Romanian cybercriminals joined forces early in 2020.

According to the Romanian police that recently arrested them, "Pentaguard" committed two main crimes (translated to English):

  1. Possession of computer applications intended to be used in specific computer attacks such as SQL Injection and Defacement, having as purpose, unauthorized access, followed by compromising content and, where appropriate, stealing stored computer data, actions targeting web domains hosting the sites of several public institutions and private ones, from Romania and the Republic of Moldova.
  2. Possession and development of malware in order to use them in computer attacks such as ransomware. Such malicious attacks, in order to block, restrict access and disrupt computer systems, as well as fraudulently accessing and altering the content of web domains, were and as the case may be, were directed against several public institutions both in Bucharest and other cities in the country. 

One of the group's major targets was healthcare:

They intended to launch "ransomware" attacks, in the near future, on some public health institutions in Romania, generally hospitals, using social engineering by sending a malicious executable application, from the "Locky" or "BadRabbit" (computer virus) families, hidden in an e-mail and in the form of a file that apparently would come from other government institutions, regarding the threat of COVID-19.

Through this type of attack, there is the possibility of blocking and seriously disrupting the functioning of the IT infrastructures of those hospitals, part of the health system, which plays a decisive and decisive role at this time, to combat the pandemic with the new Coronavirus.

Fortunately, the police managed to shut down the operation through three home invasions, arresting the group's members.

Those officers did more than enforce the law; they may have also saved live by protecting hospitals from a ransomware attack during a global pandemic.

How others are responding to COVID-19 cybercriminals

"Pentaguard" is far from the only organization attempting to take advantage of the healthcare industry during this time. Because bad actors love to profit off of a crisis.

But some are taking steps to combat them.

Like Ohad Zaidenberg. He created the COVID-19 CTI League, a volunteer group of more than 1,400 cybersecurity experts determined to protect healthcare from hackers and cybercriminals.

Zaidenberg spoke to SecureWorld about the CTI League:

"Since the coronavirus came out, I started to notice more and more hackers use this crisis to gain profit, and it made me so mad. It made me so angry because this is a game-changer. This is not the time to attack. People can lose their life with all this activity.

So if someone is crazy enough and sick enough to use this coronavirus crisis to leverage it, to gain some profit, he needs to know that we are here to stop him. We are here to fight back. And I think that most of the people that joined our league, they have that emotion."

Listen to our podcast on his group, which we titled "The Justice League in Cyberspace!"

Check out the COVID-19 CTI League here.