[BreachExchange] Cyberattack On A Hospital Leads To The First Ransomware-Linked Death
Destry Winant
destry at riskbasedsecurity.com
Fri Sep 18 09:55:52 EDT 2020
https://www.forbes.com/sites/leemathews/2020/09/17/ransomware-attack-hospital-leads-to-death/#6b9f3d4d3f05
The cost of a ransomware attack can be very steep, but it’s one tends
to be counted out in dollars and cents. This week, however, one such
attack is being blamed for the loss of a human life.
Databreaches.net tracked a report from German sources about the
incident. Several days ago criminal hackers infected systems at
University Hospital Düsseldorf with an as-yet-unnamed strain of
ransomware.
Its impact was widespread. According to a report from Computer Bild
(Translate link), the attack “crippled the entire IT network of the
hospital.” Days later the phone system was brought back online, but
other systems remained down.
German authorities contacted the attackers and made an appeal to
decrypt the hospital’s files and restore operations. A decryption key
was indeed sent, but not before tragedy struck.
While its systems remained unavailable the Hospital was forced to
cancel all surgical procedures. Ambulances were rerouted to other
nearby hospitals.
One did, however, arrive at the Hospital with a patient in critical
condition. The patient passed away while being transported to another
hospital for treatment.
This may well mark the first time that a human casualty has been
linked to a ransomware attack. It’s an incredibly grim possibility
that cybersecurity experts have been warning about for quite some
time.
The death occurs just months after at least one cyber gang had
publicly pledged to stop attacking health care providers.
Text in the ransom note left behind by the malware only serves to
compound the tragedy. Authorities believe that the University itself
appears to have been the target, not the Hospital.
There’s still another ugly problem the hospital must contend with. The
impact of the ransomware attack went beyond forcing the Hospital to
take systems offline. The perpetrators also claimed to have stolen
patient data.
As if the system outage and loss of a life wasn’t enough, the Hospital
must still determine how to resolve an attempt at extortion.
More information about the BreachExchange
mailing list