Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity NewswireCybersecurity News

U.S. Health and Human Services Department Suffers Cyberattack

cyber-attack
March 16, 2020

The U.S. Health and Human Services Department suffered a Distributed Denial of Service (DDoS) attack. 

According to a Bloomberg news report, the cyberattack was called a campaign of disruption and disinformation that was aimed at undermining the response to the Coronavirus pandemic. The attack may also have been the work of a foreign actor. In addition, it doesn’t appear that the hackers took any data from the systems, and the hack involved overloading the HHS servers with millions of hits over several hours.

“We are aware of a cyber incident related to the Health and Human Services computer networks, and the federal government is investigating this incident thoroughly,” John Ullyot, a spokesman for the National Security Council, said in a statement. “HHS and federal government cybersecurity professionals are continuously monitoring and taking appropriate actions to secure our federal networks.” He added that “HHS and federal networks are functioning normally at this time," according to the Bloomberg. 
 
Stephen Boyce, Principal Consultant at the Crypsis Group, told Security Magazine that while DDoS attacks are not sophisticated, "the timing of the attack and potential motive raises significant concern. The goal of these attacks is to prevent legitimate users from accessing HHS websites and systems. These attacks could also be a precursor for a larger attack that may result in data access and or exfiltration."
 
According to Boyce, "the most prominent targets of such attacks are institutions that are providing information to the public regarding COVID-19. These institutions include: local, state, federal, and tribal government agencies, media outlets, pharmaceuticals companies and healthcare industries. We should expect more DDoS attacks on the institutions mentioned above and an increase in spear-phishing attacks as well."

"This is an unfortunate event; cyber threat actors will play on fears and capitalize on national catastrophes and other calamities to wage their acts," adds Boyce. "At a time when nations struggle and mourn, it is not unexpected, but particularly tragic to witness.”

Thomas Hatch, CTO and Co-Founder at SaltStack, says that as we self-quarantine and combat the spread of Coronavirus, “we should expect cyberattacks to continue, and to be seen as more and more opportunistic. Those who wish to launch cyberattacks will not show mercy because of the situations that we are in, but rather this will be seen as an opportunity. There are a number of attackers and motivations that can be fulfilled. A nation-state hostile to the US will want to damage our response times to Coronavirus. Petty thieves will assume that classical attacks are going to be more effective because cyber defense staffing is likely distracted right now dealing with the influx of issues that come from a demand shift for specific services. Organized groups are likely empowered by the situation and will want to take advantage of it. They can attack specific services, particularly financial institutions because of the overall distracted nature of the defenders.”

Jack Mannino, CEO at nVisium, also maintains that the attack is proof that hostile actors "are capitalizing on the fear and frenzy generated by the pandemic. The ability to disrupt systems and increase public misinformation are viable threats while we are all adjusting to societal changes. As we continue to be impacted by changes to our way of life, people will become even more reliant on applications and software to provide them with accurate and truthful information. Eroding trust in our systems during a crisis is a perfect way to cause chaos.”

Rick Holland, CISO, Vice President of Strategy at Digital Shadows, notes, however, that, “We should not jump to conclusions and assume the attack was nation-state affiliated. Incident response takes time, and as this just occurred last night, more time for investigations will be required. Based on reporting, this appears to be some sort of denial of service attack and the barrier to entry for DOS attacks are low."

"While infectious disease experts are on the front lines of a war against COVID-19, cybersecurity professionals must be ever vigilant and keep a heightened focus on their networks to ensure hackers do not use this health emergency to cause chaos," says Rui Lopes, Engineering and Technical Support Director at Panda Security. "To this end, a zero-trust security posture has never been more essential.”

KEYWORDS: cyber security cybersecurity Denial of Service Attack nation-state attack

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Internal computer parts

Critical Software Vulnerabilities Rose 37% in 2024

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Person working on laptop

Governance in the Age of Citizen Developers and AI

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • edu5-900px.jpg

    U.S. Department of Education Announces New Grant Awards for School Safety and Mental Health Services

    See More
  • cyber-security-freepik

    US State Department suffers cyberattack

    See More
  • Blue and yellow text on black screen

    Bay Cove Human Services suffers data breach

    See More

Events

View AllSubmit An Event
  • March 6, 2025

    Why Mobile Device Response is Key to Managing Data Risk

    ON DEMAND: Most organizations and their associating operations have the response and investigation of computers, cloud resources, and other endpoint technologies under lock and key. 
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing