How would you punish someone who hacks hospitals amid a global epidemic?

Hackers are using banking malware to steal information and attack the IT infrastructure of several Hungarian healthcare institutions. The COVID-19-themed emails seem legitimate at first, as if they have been sent by the institutions, but they contain the dangerous banking Trojan.

Hvg reports that cyberhackers are attacking the IT infrastructure of several Hungarian healthcare institutions, warns the National Cyber Defence Institute (NKI). The criminals are using emails that claim to contain useful information about what to do during COVID-19.

The National Cyber Defense Institute is an event management centre dealing with cyber-attacks and threats in Hungary. They are part of the Hungarian National Security Service (NSC). They are the national contact point for coordinating high-impact cyber incidents within the European Union, receiving incident reports and sending them to international partner organisations.

The emails are sent in the name of the National Healthcare Service Centre and the county and teaching hospitals of Szabolcs-Szatmár-Bereg County. The emails usually include a subject and one or more attachments claiming to contain information about COVID-19 procedures. These mails aim to convince the receiver to open the attachments which contain a banking Trojan, a malware called Emotet.